
Method, device and equipment for monitoring zombie network attack behavior and storage medium

Botnet technology, applied to a method, device, electronic equipment and storage medium for monitoring botnet attack behavior. It addresses problems such as the occupation of network traffic resources.

Inactive Publication Date: 2019-09-10
EVERSEC BEIJING TECH

AI Technical Summary

Problems solved by technology

Different forms of network attack can be carried out through botnets: (1) launching distributed denial of service (DDoS) attacks; DDoS attacks initiated by botnets are difficult to trace and cause great harm; (2) sending spam; for example, the Rustock botnet can send an average of 30 billion spam messages every day; (3) stealing sensitive information, occupying network traffic resources, and consuming system performance; (4) forming a malicious software distribution platform, which hackers use to continuously attempt different attacks and create new attack methods, causing great harm to hosts in the network.
[0003] At present, the detection of botnets mainly focuses on finding abnormal network behaviors based on traffic and detecting attack behaviors based on characteristics, without forming a long-term monitoring capability for botnets.


Examples


Embodiment Construction

[0057] In order to make the technical problems solved by the embodiments of the present disclosure, the technical solutions adopted and the technical effects achieved clearer, the technical solutions of the embodiments of the present disclosure will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present disclosure, not all of them. Based on the embodiments of the present disclosure, all other embodiments obtained by those skilled in the art without creative work fall within the protection scope of the embodiments of the present disclosure.

[0058] It should be noted that the terms "system" and "network" in the embodiments of the present disclosure are often used interchangeably herein. The "and/or" mentioned in the embodiments of the present disclosure means "including any and all combinations of one or more related listed items. T...


Abstract

The embodiment of the invention discloses a method and device for monitoring botnet attack behavior, electronic equipment and a storage medium. The method comprises the steps of: acquiring, from a malicious sample, the communication port of the botnet to which the sample belongs, control instruction information, and the address of the remote control server; controlling the communication port of a designated terminal to be opened, and controlling that terminal to send a connection request instruction to the address of the remote control server; and receiving, in real time, a control instruction sent by the remote control server, parsing the control instruction according to the coding mode information, and determining attack intention information of the botnet according to the parsing result. By receiving and parsing in real time, through the designated terminal, the control instructions sent by the botnet's remote control server, long-term monitoring of the botnet is achieved.

Description

Technical field

[0001] Embodiments of the present disclosure relate to the technical field of network security, and in particular to a method, device, electronic device, and storage medium for monitoring attack behaviors of botnets.

Background

[0002] A botnet is a malicious network formed by an attacker using a one-to-many control channel to control a large number of hosts. Different forms of network attack can be carried out through botnets: (1) launching distributed denial of service (DDoS) attacks; DDoS attacks initiated by botnets are difficult to trace and cause great harm; (2) sending spam; for example, the Rustock botnet can send an average of 30 billion spam messages every day; (3) stealing sensitive information, occupying network traffic resources, and consuming system performance; (4) forming a malicious software distribution platform, and hackers use botnets to continuously carry out different attacks Attempts of various means form ne...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1441
Inventor: 刘新鹏胡付博陈宇曦宋囿谕周忠义傅强金红杨满智刘长永陈晓光
Owner: EVERSEC BEIJING TECH