Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

P2P botnet detection method based on fractal and self-adaptation fusion

A detection method and adaptive technology, applied in the field of computer security, can solve the problems of low detection efficiency and complex detection process, and achieve the effect of reducing the hypothesis set

Active Publication Date: 2016-04-20
CHANGCHUN INST OF OPTICS FINE MECHANICS & PHYSICS CHINESE ACAD OF SCI
View PDF2 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The present invention provides a P2Pbotnet detection method based on fractal and adaptive data fusion in order to solve the problems of complex detection process and low detection efficiency of the existing P2Pbotnet detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • P2P botnet detection method based on fractal and self-adaptation fusion
  • P2P botnet detection method based on fractal and self-adaptation fusion
  • P2P botnet detection method based on fractal and self-adaptation fusion

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0034] Specific implementation mode 1. Combination figure 1 with figure 2 Describe this embodiment, the P2Pbotnet detection method based on fractal and self-adaptive fusion, the specific implementation steps are:

[0035] Step 1: Network traffic data collection.

[0036] Use tools such as Wireshark to collect network traffic as the original input data of the detection method.

[0037] Step 2: Construct two network traffic detection sensors using fractal theory to detect whether the characteristics of network traffic at different time scales are abnormal.

[0038] 1) Use the monofractal characteristic detection sensor to detect whether there is anomaly in the self-similarity of network traffic on a large time scale: estimate the Hurst exponent, input it into the Kalman filter as a system measurement value, and establish a Kalman filter model to detect The abnormality of the network traffic self-similarity feature is obtained to obtain the detection result.

[0039] 2) Use ...

specific Embodiment approach 2

[0042] Specific embodiment two, combine figure 1 with figure 2 Describe this embodiment, this embodiment is the embodiment of the P2Pbotnet detection method based on fractal and adaptive fusion described in the specific embodiment one:

[0043] Step A, network traffic data collection, use tools such as Wireshark to collect network traffic, as the original input data of the detection method, calculate the network traffic in a fixed time window, and normalize it to obtain the traffic F k , assuming that the current is the kth time window;

[0044] Step B. Construct two network traffic detection sensors to detect whether the characteristics under different time scales are abnormal.

[0045] 1. Use monofractal characteristics to detect sensors to detect whether there is anomaly in the self-similarity of network traffic on a large time scale: use the rescaled range (R / S, RescaledRange) method to estimate the Hurst exponent in the current time window to obtain Hurst k , which is...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a P2P botnet detection method based on fractal and self-adaptation fusion, which relates to the field of computer security and solves problems that the existing P2P botnet detection method has a complex detection process and low detection efficiency. The P2P botnet detection method based on the fractal and self-adaptation fusion comprises the steps: constructing a single-fractal characteristic detection sensor and a multi-fractal characteristic detection sensor, which respectively utilize self similarity in large time scale and local singularity in small time scale to express network flow characteristics; utilizing a Kalman filter to detect whether the characteristics are abnormal. A self-adaptation data fusion method is provided to obtain a more precise data fusion result; according to difference of evidential confliction degrees, DST or DSmT is selected by self adaptation to fuse the detection results of the detection sensors, thereby obtaining a final result. According to the P2P botnet detection method based on the fractal and self-adaptation fusion, quick and universal detection is performed on P2P botnet, and the precision and real-time performance are excellent.

Description

technical field [0001] The invention relates to the field of computer security, in particular to a P2Pbotnet detection method based on fractal and adaptive data fusion. Background technique [0002] A botnet (botnet) is a malicious host group. Attackers can use secondary injection to change the load of bot nodes, so as to quickly and easily change the type of attack to be sent, such as distributed denial of service attacks, phishing and Spam attacks, etc. The current new P2Pbotnet uses the decentralized structure of the P2P network to build its command and control mechanism (C&C, Command and Control). Because the structure has no control center, it effectively avoids single point failure, and is more robust and reliable. [0003] At present, the research on P2Pbotnet analysis and detection is in the rising stage, and the analysis shows that there are mainly the following problems: [0004] 1. Most detection methods mainly start with some unique and detailed features of P2P...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1475
Inventor 宋元章哈清华王安邦刘逻
Owner CHANGCHUN INST OF OPTICS FINE MECHANICS & PHYSICS CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com