首页>
外国专利>
Systematic mining of associated server herds for uncovering malware and attack campaigns
Systematic mining of associated server herds for uncovering malware and attack campaigns
展开▼
机译:系统地挖掘相关服务器群以发现恶意软件和攻击活动
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method for detecting malicious servers. The method includes analyzing network traffic data to generate a main similarity measure and a secondary similarity measure for each server pair found in the network traffic data, extracting a main subset and a secondary subset of servers based on the main similarity measure and the secondary similarity measure, identifying a server that belongs to the main subset and the secondary subset, and determining a suspicious score of the server based on at least a first similarity density measure of the main subset, a second similarity density measure of the secondary subset, and a commonality measure of the main subset and the secondary subset.
展开▼