CN106411951A - Network attack behavior detection method and device - Google Patents
Network attack behavior detection method and device
- Publication number
- CN106411951A
- Authority
- CN
- China
- Prior art keywords
- domain name
- data
- data mining
- attack
- cluster
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2465—Query processing support for facilitating data mining operations in structured databases
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Probability & Statistics with Applications (AREA)
- Software Systems (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Fuzzy Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611077922.8A CN106411951B (zh) | 2016-11-29 | 2016-11-29 | Network attack behavior detection method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611077922.8A CN106411951B (zh) | 2016-11-29 | 2016-11-29 | Network attack behavior detection method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106411951A (zh) | 2017-02-15 |
CN106411951B (zh) | 2020-03-27 |
Family
ID=58084704
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611077922.8A Active CN106411951B (zh) | Network attack behavior detection method and device | 2016-11-29 | 2016-11-29 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106411951B (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
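CN106411922A (zh) * | 2016-10-31 | 2017-02-15 | Sichuan Changhong Electric Co., Ltd. | A secure identity authentication method and system |
CN109462612A (zh) * | 2018-12-27 | 2019-03-12 | Beijing NSFOCUS Information Security Technology Co., Ltd. | Method and device for determining attack domain names in a botnet |
CN109743339A (zh) * | 2019-03-22 | 2019-05-10 | China Southern Power Grid Co., Ltd. | Network security monitoring method and apparatus for power plants and substations, and computer device |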
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
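CN101572701A (zh) * | 2009-02-10 | 2009-11-04 | Zhongke Zhengyang Information Security Technology Co., Ltd. | Anti-DDoS security gateway system for DNS services |
CN102780791A (zh) * | 2012-07-18 | 2012-11-14 | Guangdong Ruijiang Technology Co., Ltd. | Method, device and system for adaptive IP |
US20130219502A1 (en) * | 2004-09-14 | 2013-08-22 | International Business Machines Corporation | Managing a ddos attack |
CN105072120A (zh) * | 2015-08-14 | 2015-11-18 | Communication University of China | Malicious domain name detection method and device based on domain name service status analysis |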
- 2016-11-29 CN CN201611077922.8A patent/CN106411951B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130219502A1 (en) * | 2004-09-14 | 2013-08-22 | International Business Machines Corporation | Managing a ddos attack |
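CN101572701A (zh) * | 2009-02-10 | 2009-11-04 | Zhongke Zhengyang Information Security Technology Co., Ltd. | Anti-DDoS security gateway system for DNS services |
CN102780791A (zh) * | 2012-07-18 | 2012-11-14 | Guangdong Ruijiang Technology Co., Ltd. | Method, device and system for adaptive IP |
CN105072120A (zh) * | 2015-08-14 | 2015-11-18 | Communication University of China | Malicious domain name detection method and device based on domain name service status analysis |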
Non-Patent Citations (5)
Title |
---|
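Sage, A.P. (US), Armstrong, J.E. (US): "Introduction to Systems Engineering", 30 September 2006 * |
Li Aiguo: "Data Mining: Principles, Algorithms and Applications", 31 January 2012 * |
Fan Chongjun, Liu Chen, Huo Liang'an: "Big Data Analysis and Applications", 31 January 2016 * |
Hu Xuegang, Zhang Xianyi: "Data Structures", 28 February 2015 * |
Ge Fangzhen: "Swarm Cooperative Solving Algorithms Based on Chaotic Ants and Their Applications", 31 January 2014 * |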
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
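CN106411922A (zh) * | 2016-10-31 | 2017-02-15 | Sichuan Changhong Electric Co., Ltd. | A secure identity authentication method and system |
CN109462612A (zh) * | 2018-12-27 | 2019-03-12 | Beijing NSFOCUS Information Security Technology Co., Ltd. | Method and device for determining attack domain names in a botnet |
CN109462612B (zh) * | 2018-12-27 | 2021-06-11 | NSFOCUS Technologies Group Co., Ltd. | Method and device for determining attack domain names in a botnet |
CN109743339A (zh) * | 2019-03-22 | 2019-05-10 | China Southern Power Grid Co., Ltd. | Network security monitoring method and apparatus for power plants and substations, and computer device |
CN109743339B (zh) * | 2019-03-22 | 2020-06-02 | China Southern Power Grid Co., Ltd. | Network security monitoring method and apparatus for power plants and substations, and computer device |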
Also Published As
Publication number | Publication date |
---|---|
CN106411951B (zh) | 2020-03-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Javed et al. | A comprehensive survey on computer forensics: State-of-the-art, tools, techniques, challenges, and future directions | |
US10560471B2 (en) | Detecting web exploit kits by tree-based structural similarity search | |
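CN108183916B (zh) | Network attack detection method and device based on log analysis | |
CN104219316B (zh) | Method and device for processing call requests in a distributed system | |
CN107241296B (zh) | Webshell detection method and device | |
CN111818103B (zh) | Traffic-based attack path tracing method in a cyber range | |
CN106453438B (zh) | Network attack identification method and device | |
CN106161451A (zh) | Method, device and system for defending against CC attacks | |
CN110505241A (zh) | Network attack surface detection method and system | |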
Taylor et al. | Detecting malicious exploit kits using tree-based similarity searches | |
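RU2757597C1 (ru) | Systems and methods for reporting computer security incidents | |
CN109104421B (zh) | Website content tampering detection method, apparatus, device and readable storage medium | |
CN103077250B (zh) | Web page content crawling method and device | |
CN106295348A (zh) | Application vulnerability detection method and device | |
CN106534042A (zh) | Server intrusion identification method and device based on data analysis, and cloud security system | |
CN104935601B (zh) | Cloud-based website log security analysis method, device and system | |
CN106973047A (zh) | Abnormal traffic detection method and device | |
CN106534146A (zh) | Security monitoring system and method | |
CN102790706A (zh) | Security analysis method and device for massive events | |
CN106411951A (zh) | Network attack behavior detection method and device | |
CN116566674A (zh) | Automated penetration testing method, system, electronic device and storage medium | |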
Khobragade et al. | Data generation and analysis for digital forensic application using data mining | |
CN108184146A (zh) | Method for calculating the popularity of a live-streaming platform and related device | |
Najafabadi et al. | A text mining approach for anomaly detection in application layer DDoS attacks | |
CN117454376A (zh) | Industrial Internet data security detection, response and tracing method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Network attack behavior detection method and device; Effective date of registration: 20220330; Granted publication date: 20200327; Pledgee: Haidian Beijing science and technology enterprise financing Company limited by guarantee; Pledgor: SHENZHOU WANGYUN (BEIJING) INFORMATION TECHNOLOGY CO.,LTD.; Registration number: Y2022110000071 |
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20230330; Granted publication date: 20200327; Pledgee: Haidian Beijing science and technology enterprise financing Company limited by guarantee; Pledgor: SHENZHOU WANGYUN (BEIJING) INFORMATION TECHNOLOGY CO.,LTD.; Registration number: Y2022110000071 |
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Method and device for detecting network attack behavior; Effective date of registration: 20230403; Granted publication date: 20200327; Pledgee: Haidian Beijing science and technology enterprise financing Company limited by guarantee; Pledgor: SHENZHOU WANGYUN (BEIJING) INFORMATION TECHNOLOGY CO.,LTD.; Registration number: Y2023110000146 |