| Predicate |
Object |
| assignee |
http://rdf.ncbi.nlm.nih.gov/pubchem/patentassignee/MD5_9083f8824b83211e2a0503686f35ca06 |
| classificationCPCInventive |
http://rdf.ncbi.nlm.nih.gov/pubchem/patentcpc/H04L63-1416
http://rdf.ncbi.nlm.nih.gov/pubchem/patentcpc/H04L63-145
http://rdf.ncbi.nlm.nih.gov/pubchem/patentcpc/G06F18-23213 |
| classificationIPCInventive |
http://rdf.ncbi.nlm.nih.gov/pubchem/patentipc/G06K9-62
http://rdf.ncbi.nlm.nih.gov/pubchem/patentipc/H04L29-06 |
| filingDate |
2018-05-24^^<http://www.w3.org/2001/XMLSchema#date> |
| inventor |
http://rdf.ncbi.nlm.nih.gov/pubchem/patentinventor/MD5_079fb5098652bfa4b42f3d9abf894138
http://rdf.ncbi.nlm.nih.gov/pubchem/patentinventor/MD5_f3c8c65769aa203b568a987072204a4f
http://rdf.ncbi.nlm.nih.gov/pubchem/patentinventor/MD5_d16448454e1ac171e9a2da9d984eec3f
http://rdf.ncbi.nlm.nih.gov/pubchem/patentinventor/MD5_0c468d7c654a14af8ec50f462ff28925
http://rdf.ncbi.nlm.nih.gov/pubchem/patentinventor/MD5_3f49e3e2dcd22594c405faf37f87c3f4 |
| publicationDate |
2018-11-06^^<http://www.w3.org/2001/XMLSchema#date> |
| publicationNumber |
CN-108769001-A |
| titleOfInvention |
Malicious code detection method based on cluster analysis of network behavior characteristics |
| abstract |
The invention provides a malicious code detection method based on cluster analysis of network behavior characteristics. Step 1 is mainly to analyze the characteristics of the network behavior of botnets and Trojans; Step 2 is to use the MFAM-NB framework to extract network features; Step 3 is to use the k-Means clustering algorithm based on adaptive weights to detect malicious code. This method can solve the problem that the malicious network can easily change the packet content and flow characteristics, thereby avoiding the detection of malicious codes, and can solve the problem of dependence of traditional malicious code detection methods on manual feature extraction. The adaptive weight-based k-Means malicious code detection algorithm adopted in this method can solve the problem of inaccurate detection of malicious code caused by the improper selection of the initialization center of the traditional k-Means algorithm, and can solve the problem that the k-Means algorithm handles large amounts of data. The problem of feature set being too time-consuming. |
| isCitedBy |
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-110022313-B
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-110022313-A
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-111865910-A
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-110458187-B
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-110458187-A
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-113259402-A
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-113259402-B
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-110213227-A
http://rdf.ncbi.nlm.nih.gov/pubchem/patent/CN-111770053-A |
| priorityDate |
2018-04-11^^<http://www.w3.org/2001/XMLSchema#date> |
| type |
http://data.epo.org/linked-data/def/patent/Publication |