Bitcoin mining botnet traffic rapid identification method
Main authors: | , , , , |
---|---|
Format: | Patent |
Language: | chi ; eng |
Subjects: | |
Online access: | Order full text |
Summary: | The invention provides a Bitcoin mining botnet traffic rapid identification method. The identification framework is divided into three parts. The first part is simulation environment construction, which comprises collecting a corresponding mining botnet virus sample, determining the running environment required by the sample, setting up that environment on a virtual machine, and running the virus sample to obtain the traffic it generates. The second part is feature extraction, which comprises obtaining appropriate features through operations such as mode comparison and data analysis, and constructing a traffic data training set from mining virus traffic and normal traffic. The third part is generation and verification of an identification model, which comprises dividing the training set into a test set and a training set, performing parameter selection on a random forest algorithm on the training s |
---|