Malicious domain name community mining method based on graph structure

A technology of graph structure and domain name, applied in the field of information security, can solve the problem of not being able to effectively prevent continued attacks and other problems, and achieve the effect of improving reusability, strong attack power, and strong attack force.

Active Publication Date: 2021-11-12
积至(海南)信息技术有限公司
View PDF9 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These detection methods are not very effective in effectively preventing further attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious domain name community mining method based on graph structure
  • Malicious domain name community mining method based on graph structure

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0036] It should be understood that the step numbers used herein are only for convenience of description, and are not intended to limit the execution order of the steps.

[0037] It should be understood that the terminology used in the description of the present invention is for the purpose of describing particular embodiments only and is not intended to limit the present invention. As used in this specification and the appended claims, the singular forms "a",...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a malicious domain name community mining method based on a graph structure, which comprises the following steps: carrying out cleaning and rule filtering on an input DNS (Domain Name Server) log, and constructing a dependency graph among domain names according to data of three basic fields (a client, a timestamp and a server); on the basis of the constructed graph structure, discovering domain names with high dependency from the graph by using sequence similarity and jump probability of nodes, and mining domain name communities; and selecting a specific feature to carry out training learning on whether the community is malicious or not to obtain a classifier which is finally used for judging and screening out the malicious domain name community. Through adoption of the method, expansion detection of malicious domain name detection in an Internet security system can be met, the effect of malicious domain name cluster mining is achieved, the cost of network criminals is improved, and the method and the device are more suitable for increasingly complex Internet scenes in the future.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method for mining malicious domain name communities based on graph structures. Background technique [0002] With the development of the network, in order to carry out a large number of malicious activities, cybercriminals usually arrange a group of domain names or servers to build malicious infrastructure, improve the resistance and flexibility of malicious activities, and support the launch of large-scale DDoS attacks, spread Ransomware, stealing sensitive data, carrying out APT persistent threat attacks, etc. Moreover, the development of new network technologies, such as the Internet of Things (IoT), Cyber-Physical Systems, and Cognitive Radio Networks, have also brought various new security vulnerabilities, which have significantly increased the threat to the information security of Internet users. Security experts have made great efforts to mitigate cybercrim...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06K9/62H04L29/12
CPCH04L63/1416H04L63/0236H04L61/103H04L63/1458H04L61/4511G06F18/24G06F18/214
Inventor 郑超黄园园朱木易洁殷丽华罗熙李依馨
Owner 积至(海南)信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap