首页>
外国专利>
Malicious network activity detection utilising a model of user contact lists built up from monitoring network communications
Malicious network activity detection utilising a model of user contact lists built up from monitoring network communications
展开▼
机译:利用通过监视网络通信建立的用户联系人列表模型进行恶意网络活动检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
This invention relates to a method for detecting malicious communication activity between user devices 22, 24, 26, 28 in an electronic communications network. Source and destination data from electronic communications made across the network are used to derive contact data such as telephone numbers, email addresses and Internet Protocol (IP) addresses. These contact data are used to model 58 the contents of the actual contact lists 32, 34, 36, 38 stored on user devices, without the need to individually access each of the user devices themselves. Once the models have been created, source and destination data from further electronic communications are analysed for suspicious patterns of activity, with reference to the contact list models. Malware, which propagate by scanning infected user devices for contacts of other user devices to infect and sending copies of themselves on to infect other devices, can therefore be detected.
展开▼