Method and system for verifying malicious encrypted connection

Method and system for verifying malicious encrypted connection

The present invention provides a method and system for verifying a malicious encrypted connection. The method includes: obtaining traffic connection data transmitted between a relay station and a terminal by using an encrypted connection; obtaining an encrypted connection fingerprint of a specific a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: LO, WEN-YANG, HUANG, CHUANIANG, SHIH, CHUN-HSI, HSU, CHENGING
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The present invention provides a method and system for verifying a malicious encrypted connection. The method includes: obtaining traffic connection data transmitted between a relay station and a terminal by using an encrypted connection; obtaining an encrypted connection fingerprint of a specific application running on the terminal and a specific port occupied by the encrypted connection on the terminal; in response to determining that the encrypted connection fingerprint is a malicious encrypted connection fingerprint, demanding the terminal to install an agent; receiving a program sample returned by the agent from the terminal; and in response to determining that the program sample matching one of the plurality of known malicious program samples, determining the program sample as a malicious program sample.