首页>
外国专利>
METHOD AND SYSTEM FOR DETECTING THE INFRASTRUCTURE OF A MALICIOUS SOFTWARE OR A CYBERCRIMINAL
METHOD AND SYSTEM FOR DETECTING THE INFRASTRUCTURE OF A MALICIOUS SOFTWARE OR A CYBERCRIMINAL
展开▼
机译:检测恶意软件或网络犯罪工具基础结构的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
FIELD: computer equipment.;SUBSTANCE: disclosed is a computer-implemented method of identifying infrastructure of a malicious program or a cybercriminal, wherein: obtaining a request containing an infrastructure element and a tag on whether the item belongs to a malicious program or a cybercriminal; retrieving from the database a parameter of the received infrastructure element, an additional infrastructure element used by the same malware as the obtained infrastructure element, and an additional infrastructure element parameter; analyzing the obtained infrastructure element and the associated parameter and the additional infrastructure element and the parameter associated therewith; based on the analysis, statistical relationships between the parameter of the obtained infrastructure element and the parameter of the additional infrastructure element are determined; generating rules for searching for new infrastructure elements based on the detected statistical link and extracting new infrastructure elements from the database; assigning to new elements tags corresponding to certain malware or cybercriminals, and storing results in a database.;EFFECT: technical result is higher efficiency of detecting computer attacks.;10 cl, 2 dwg
展开▼