Invention Grant
US08533819B2 Method and apparatus for detecting compromised host computers 有权
用于检测受损主机的方法和装置

Method and apparatus for detecting compromised host computers
Abstract:
A method and apparatus for detecting compromised host computers (e.g., Bots) are disclosed. For example, the method identifies a plurality of suspicious hosts. Once identified, the method analyzes network traffic of the plurality suspicious hosts to identify a plurality suspicious hub-servers. The method then classifies the plurality of candidate Bots into at least one group. The method then identifies members of each of the at least one group that are connected to a same controller from the plurality suspicious controllers, where the members are identified to be part of a Botnet.
Public/Granted literature
Information query
Patent Agency Ranking
0/0