BOTNET DETECTION METHOD AND SYSTEM, AND STORAGE MEDIUM

摘要

Disclosed in the present invention are a botnet detection method and system, and a storage medium. The method comprises: obtaining original network traffic data in a monitored network and preprocessing the original network traffic data to obtain preprocessed network traffic data; constructing a terminal access relationship map on the basis of the preprocessed network traffic data; and mining an identifier list of terminals accessing a plurality of the same domain names from the terminal access relationship map to obtain a candidate node combination, and on the basis of a preset screening rule, screening the candidate node combination to obtain a botnet node detection result.