首页>
外国专利>
SYSTEM AND METHOD FOR BOTNET DETECTION USING TRAFFIC ANALYSIS OF NON-IDEAL DOMAIN NAME SYSTEM
SYSTEM AND METHOD FOR BOTNET DETECTION USING TRAFFIC ANALYSIS OF NON-IDEAL DOMAIN NAME SYSTEM
展开▼
机译:基于非理想域名系统流量分析的僵尸网络检测系统及方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
PURPOSE: A botnet detecting system and method thereof are provided to analyze the DNS(Domain Name Service) request traffic of the classified traffic by classifying the traffic of a botnet detecting target network. CONSTITUTION: A botnet detecting system includes a TCE(Botnet Collection Sensor), the GAE, and a DNS analysis engine. The TCE filters and collects the traffic of a botnet detection target network. The GAE(Group Analysis Engine) groups the traffic according to each destination by using the IP(Internet Protocol) traffic information of the filtered traffic. The DNS analysis engine detects abnormal DNS and fast-flux by using the DNS traffic information of the filtered traffic.
展开▼