Malicious program classification method and system for complex network

The embodiment of the invention provides a complex network malicious program-oriented classification method and system, and the method comprises the steps: obtaining the complete network flow of a network malicious program in a preset time, dividing the complete network flow into a plurality of netw...

Full description

Saved in:
Bibliographic Details
Main Authors YIN QILEI, JIANG JIANGUO, KANG XIAOYU, SHI ZHIXIN, HUANG WEIQING, LYU BIN
Format Patent
LanguageChinese
English
Published 12.01.2021
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
HANDLING RECORD CARRIERS
PHYSICS
PRESENTATION OF DATA
RECOGNITION OF DATA
RECORD CARRIERS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:The embodiment of the invention provides a complex network malicious program-oriented classification method and system, and the method comprises the steps: obtaining the complete network flow of a network malicious program in a preset time, dividing the complete network flow into a plurality of network activities, carrying out the network activity description of the plurality of network activities, obtaining a network comprehensive behavior portrait model; generating a behavior signature from the sample network behavior characteristics obtained in the network comprehensive behavior portrait model through a behavior distance metric function and a preset clustering algorithm; and performing overall similarity calculation on the known malicious network training sample and the unknown test sample based on the behavior signature to obtain the category affiliation of the unknown network malicious program. According to the embodiment of the invention, the comprehensive behavior portrait classification is carried out
Bibliography:Application Number: CN202010935440