METHOD AND SYSTEM FOR DETECTING AN INFRASTRUCTURE OF MALWARE OR A CYBERCRIMINAL
Main authors: | , |
---|---|
Format: | Patent |
Language: | eng ; fre ; ger |
Subjects: | |
Summary: | This technical solution relates to a method and a system for malware or cybercriminal infrastructure detection. The computer-implementable method for malware or cybercriminal infrastructure detection includes receiving a request comprising at least one infrastructure element and a tag indicating that this element belongs to a malware or cybercriminal; extracting from a database at least one parameter of the infrastructure element, at least one additional infrastructure element that is used by the same malware or cybercriminal as the obtained infrastructure element, and at least one parameter of at least one additional infrastructure element; analyzing the obtained at least one infrastructure element and at least one related parameter, and the additional infrastructure element and at least one related parameter; detecting, based on the analysis, statistical relationships between at least one parameter of at least one obtained infrastructure element and at least one parameter of at least one additional infrastructure element; creating rules for searching for new infrastructure elements based on the detected statistical relationship; extracting new infrastructure elements from the database using the created rule; assigning tags corresponding to specific malware or cybercriminals to the new elements, and storing the results in the database. |