Patent · US Active

Botnet detection system and method

US10122738B2 · kind B2 · utility

4 Cited by
3 References
5 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Jul 20, 2016
Grant date: Nov 6, 2018
Priority date
Expiry date: Nov 22, 2036

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L2463/144
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A botnet detection system and method are provided. The method includes the steps of: retrieving a network log file of a computer device; refining the network log file according to a device alive-time record of the computer device and a network white list to obtain a plurality of individual network log files, wherein each individual network log file records time information, a source IP address of the computer device, and an individual destination IP address; and analyzing a plurality of connection intervals of the source IP address connecting to the individual destination IP address in each individual network log file to determine whether the computer device exhibits connection behavior that indicates infection by a botnet malware.
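
The steps in the abstract, sketched as an added example (not code from the patent or its assignee). The abstract does not say how the connection intervals are analyzed or exactly how the alive-time record is applied, so the coefficient-of-variation test, the thresholds, and the choice to measure intervals only inside one alive window are assumptions, as are all sample values.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample data: epoch seconds, documentation-range IP addresses.
SRC = "10.0.0.5"
ALIVE = [(0, 3600), (90000, 93600)]      # device alive-time record (on/off windows)
WHITELIST = {"198.51.100.10"}            # e.g. a known update server
BEACON = [100, 400, 701, 1000, 1299, 1600, 90050, 90350, 90651, 90950]
BROWSE = [120, 135, 900, 950, 2800, 90100, 90110, 92000]
UPDATE = [0, 600, 1200, 1800, 2400, 3000]
LOG = ([(t, SRC, "203.0.113.7") for t in BEACON]
       + [(t, SRC, "192.0.2.44") for t in BROWSE]
       + [(t, SRC, "198.51.100.10") for t in UPDATE]
       + [(50000, SRC, "203.0.113.7")])  # stamped while the device was off

def refine(log, alive, whitelist):
    """Drop whitelisted destinations and records outside alive windows,
    then split what remains per (source, destination) and alive window."""
    per_dst = defaultdict(lambda: defaultdict(list))
    for ts, src, dst in log:
        if dst in whitelist:
            continue
        for idx, (start, end) in enumerate(alive):
            if start <= ts <= end:
                per_dst[(src, dst)][idx].append(ts)
                break
    return per_dst

def connection_intervals(windows):
    """Gaps between consecutive connections, never spanning a power-off gap."""
    gaps = []
    for times in windows.values():
        times = sorted(times)
        gaps += [b - a for a, b in zip(times, times[1:])]
    return gaps

def suspicious_destinations(log, alive, whitelist, min_gaps=5, max_cv=0.1):
    """Flag destinations contacted at near-constant intervals (assumed test:
    coefficient of variation of the intervals at or below max_cv)."""
    flagged = {}
    for key, windows in refine(log, alive, whitelist).items():
        gaps = connection_intervals(windows)
        if len(gaps) >= min_gaps and mean(gaps) > 0:
            if pstdev(gaps) / mean(gaps) <= max_cv:
                flagged[key] = round(mean(gaps))  # typical period in seconds
    return flagged

if __name__ == "__main__":
    print(suspicious_destinations(LOG, ALIVE, WHITELIST))
```

Treating the whole log as one alive window lets the overnight power-off gap swamp the 300-second period, and removing the whitelist makes the periodic update server look like a beacon, which is why the refinement step precedes the interval analysis.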

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.