Method and device for preventing public cloud disk from being maliciously utilized by botnet

• Main Authors: RUAN QIANG, WANG ZHONGRU, LI BIN
• Format: Patent
• Language: Chinese; English
• Published: 20.12.2019
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

The invention discloses a method for preventing a public cloud disk from being maliciously utilized by a botnet, which comprises the following steps: capturing the flow of a target public cloud disk,and acquiring a suspected secret stealing file in the flow and a botnet program IP address for uploading the suspected secret stealing file; when it is detected that the zombie program IP address uploads a request data packet to the target public cloud disk, intercepting and disguising the request data packet as the zombie program IP address to submit a honey mark file to the target public cloud disk, wherein the honey mark file is the same as the request data packet in type and provided with a tracking watermark; when it is detected that an attacker downloads the honeybee tag file and opens the honeybee tag file, determining an attack IP address of the attacker; and disabling the attack IP address. According to the method, the attack IP address is forbidden, so that the problem that a botnet threatens a user thro