CN105024989B - 一种基于异常端口的恶意url启发式检测方法及系统 - Google Patents
一种基于异常端口的恶意url启发式检测方法及系统 Download PDFInfo
- Publication number
- CN105024989B CN105024989B CN201410688920.7A CN201410688920A CN105024989B CN 105024989 B CN105024989 B CN 105024989B CN 201410688920 A CN201410688920 A CN 201410688920A CN 105024989 B CN105024989 B CN 105024989B
- Authority
- CN
- China
- Prior art keywords
- port data
- url
- port
- data
- abnormal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 33
- 230000002159 abnormal effect Effects 0.000 title claims abstract description 17
- 238000000034 method Methods 0.000 claims description 9
- 241000700605 Viruses Species 0.000 abstract description 6
- 230000007812 deficiency Effects 0.000 abstract description 2
- 238000000605 extraction Methods 0.000 abstract description 2
- 241001269238 Data Species 0.000 abstract 2
- 238000001914 filtration Methods 0.000 abstract 1
- 238000003860 storage Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Landscapes
- Computer And Data Communications (AREA)
Abstract
Description
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410688920.7A CN105024989B (zh) | 2014-11-26 | 2014-11-26 | 一种基于异常端口的恶意url启发式检测方法及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410688920.7A CN105024989B (zh) | 2014-11-26 | 2014-11-26 | 一种基于异常端口的恶意url启发式检测方法及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105024989A CN105024989A (zh) | 2015-11-04 |
CN105024989B true CN105024989B (zh) | 2018-09-07 |
Family
ID=54414699
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410688920.7A Active CN105024989B (zh) | 2014-11-26 | 2014-11-26 | 一种基于异常端口的恶意url启发式检测方法及系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105024989B (zh) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107294993B (zh) * | 2017-07-05 | 2021-02-09 | 重庆邮电大学 | 一种基于集成学习的web异常流量监测方法 |
CN110851747B (zh) * | 2018-08-01 | 2022-08-02 | 北京国双科技有限公司 | 一种信息匹配方法和装置 |
CN111200522A (zh) * | 2019-12-27 | 2020-05-26 | 视联动力信息技术股份有限公司 | 一种端口检测方法、装置、设备及存储介质 |
CN114301696B (zh) * | 2021-12-30 | 2023-12-01 | 北京天融信网络安全技术有限公司 | 恶意域名检测方法、装置、计算机设备及存储介质 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1475930A (zh) * | 2002-08-15 | 2004-02-18 | 联想(北京)有限公司 | 基于状态检测的链路层资源定位信息过滤的方法 |
CN1764158A (zh) * | 2004-10-06 | 2006-04-26 | 三星电子株式会社 | 网络中有差别的入侵检测 |
CN101001242A (zh) * | 2006-01-10 | 2007-07-18 | 中兴通讯股份有限公司 | 网络设备入侵检测的方法 |
US7620988B1 (en) * | 2003-07-25 | 2009-11-17 | Symantec Corporation | Protocol identification by heuristic content analysis |
CN103905421A (zh) * | 2013-12-17 | 2014-07-02 | 哈尔滨安天科技股份有限公司 | 一种基于url异构性的可疑事件检测方法及系统 |
CN104135490A (zh) * | 2014-08-14 | 2014-11-05 | 浪潮(北京)电子信息产业有限公司 | 入侵检测系统分析方法和入侵检测系统 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101335752B (zh) * | 2008-06-03 | 2011-07-27 | 电子科技大学 | 一种基于频繁片段规则的网络入侵检测方法 |
-
2014
- 2014-11-26 CN CN201410688920.7A patent/CN105024989B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1475930A (zh) * | 2002-08-15 | 2004-02-18 | 联想(北京)有限公司 | 基于状态检测的链路层资源定位信息过滤的方法 |
US7620988B1 (en) * | 2003-07-25 | 2009-11-17 | Symantec Corporation | Protocol identification by heuristic content analysis |
CN1764158A (zh) * | 2004-10-06 | 2006-04-26 | 三星电子株式会社 | 网络中有差别的入侵检测 |
CN101001242A (zh) * | 2006-01-10 | 2007-07-18 | 中兴通讯股份有限公司 | 网络设备入侵检测的方法 |
CN103905421A (zh) * | 2013-12-17 | 2014-07-02 | 哈尔滨安天科技股份有限公司 | 一种基于url异构性的可疑事件检测方法及系统 |
CN104135490A (zh) * | 2014-08-14 | 2014-11-05 | 浪潮(北京)电子信息产业有限公司 | 入侵检测系统分析方法和入侵检测系统 |
Also Published As
Publication number | Publication date |
---|---|
CN105024989A (zh) | 2015-11-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105024989B (zh) | 一种基于异常端口的恶意url启发式检测方法及系统 | |
CN102891852B (zh) | 基于报文分析的协议格式自动推断方法 | |
CN104316844B (zh) | 配电网故障类型识别方法及装置 | |
CN109088869B (zh) | Apt攻击检测方法及装置 | |
CN102752290B (zh) | 一种云安全系统中的未知文件安全信息确定方法和装置 | |
CN106294222A (zh) | 一种确定pcie设备与插槽对应关系的方法及装置 | |
CN109981326B (zh) | 家庭宽带感知故障定位的方法及装置 | |
CN104320677A (zh) | 一种审核服务器、主控服务器及视频检测系统 | |
CN104951553B (zh) | 一种数据处理准确的内容搜集与数据挖掘平台及其实现方法 | |
CN105095330A (zh) | 一种基于压缩包内容的文件格式识别方法及系统 | |
CN103823792A (zh) | 从文本文档中检测热点事件的方法和设备 | |
CN104751051A (zh) | 恶意广告的识别方法及装置、移动终端 | |
CN105488409B (zh) | 一种检测恶意代码家族变种及新家族的方法及系统 | |
CN109194739A (zh) | 一种文件上传方法、存储介质和服务器 | |
CN109142830A (zh) | 基于用电信息采集系统大数据的窃电检测方法 | |
CN103455753A (zh) | 一种样本文件分析方法及装置 | |
CN105718524A (zh) | 确定视频正本的方法和装置 | |
CN105374031A (zh) | 基于机器人的家庭安防数据处理方法及系统 | |
CN110138583B (zh) | 一种报警智能分析的展示方法 | |
US9794274B2 (en) | Information processing apparatus, information processing method, and computer readable medium | |
CN105487936A (zh) | 云环境下面向等级保护的信息系统安全性测评方法 | |
CN104426708A (zh) | 一种安全检测服务执行方法及系统 | |
CN107132063A (zh) | 一种农业机械故障识别系统 | |
KR101761798B1 (ko) | 제어 네트워크에서의 스캐닝 공격 탐지 장치 | |
CN108171014B (zh) | 一种rtf可疑文件的检测方法、系统及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address |
Address after: 150010 building 7, innovation and entrepreneurship Plaza, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang, China (No. 838, world Kun Road) Patentee after: Harbin antiy Technology Group Limited by Share Ltd Address before: 150090 room 506, Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang, China, 162 Patentee before: Harbin Antiy Technology Co., Ltd. |
|
CP03 | Change of name, title or address | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Malicious URL heuristic detection method and system based on abnormal port Effective date of registration: 20190718 Granted publication date: 20180907 Pledgee: Bank of Longjiang, Limited by Share Ltd, Harbin Limin branch Pledgor: Harbin antiy Technology Group Limited by Share Ltd Registration number: 2019230000007 |
|
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: 150010 building 7, innovation and entrepreneurship Plaza, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang, China (No. 838, world Kun Road) Patentee after: Antan Technology Group Co.,Ltd. Address before: 150010 building 7, innovation and entrepreneurship Plaza, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang, China (No. 838, world Kun Road) Patentee before: Harbin Antian Science and Technology Group Co.,Ltd. |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20211119 Granted publication date: 20180907 Pledgee: Bank of Longjiang Limited by Share Ltd. Harbin Limin branch Pledgor: Harbin Antian Science and Technology Group Co.,Ltd. Registration number: 2019230000007 |