| 发明名称 |
METHOD AND SYSTEM FOR NETWORK-BASED DETECTING OF MALWARE FROM BEHAVIORAL CLUSTERING |
| 摘要 |
A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment for a predetermined time to obtain HTTP traffic; clustering the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection. |
| 申请公布号 |
US2015026808(A1) |
申请公布日期 |
2015.01.22 |
| 申请号 |
US201414317785 |
申请日期 |
2014.06.27 |
| 申请人 |
DAMBALLA, INC. |
发明人 |
PERDISCI Roberto;LEE Wenke;OLLMANN Gunter |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computerized method for performing behavioral clustering of malware samples, comprising:
executing malware samples in a controlled computer environment for a predetermined time to obtain HTTP traffic; clustering, using at least one processor, the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection. |
| 地址 |
Atlanta GA US |
