Botnet detection method based on multi-mode stacked automatic encoder

The invention discloses a botnet detection method based on a multi-mode stacked automatic encoder. The method comprises the following steps: acquiring an executable file of an application program; respectively carrying out dynamic analysis and static analysis on a data set containing a benign progra...

Bibliographic details
Main authors: SUN NING, HAN GUANGJIE, CHEN LELAN, LOU XINGYU
Format: Patent
Language: chi ; eng
creator SUN NING
HAN GUANGJIE
CHEN LELAN
LOU XINGYU
description The invention discloses a botnet detection method based on a multi-mode stacked automatic encoder. The method comprises the following steps: acquiring an executable file of an application program; respectively carrying out dynamic analysis and static analysis on a data set containing a benign program and a zombie program, and extracting dynamic features based on a flow and static features based on a printable character string information graph; pre-training two stacked automatic encoders, respectively encoding the stream-based features and the graph-based features, and extracting deep features; fusing the dynamic features and the static features based on a multi-modal automatic encoder; performing fine adjustment on the multi-mode stacked automatic encoder model; and taking an encoder of the trained multi-mode stacked automatic encoder model as a feature extractor, and taking the output of the shared hidden layer as the input of a softmax layer to carry out zombie program detection. According to the method, t
format Patent
language chi ; eng
recordid cdi_epo_espacenet_CN117640190A
source esp@cenet
subjects CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
title Botnet detection method based on multi-mode stacked automatic encoder
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T10%3A01%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=SUN%20NING&rft.date=2024-03-01&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3ECN117640190A%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true