Distributed systems and methods for automatically detecting unknown bots and botnets
Abstract
A system and method for detecting malicious activity through one or more local analyzers and a central analyzer. The local analyzer captures packets that are part of communications over a network, generates a signature from information obtained from one or more of the captured packets, and determines whether the signature matches any signature of a first plurality of signatures stored in a first storage device that is accessible to the first local analyzer. The central analyzer remotely receives a portion of the information and the signature from the first local analyzer in response to the signature failing to match any of the signatures stored in the first storage device. The central analyzer determines whether the signature matches any global signature stored within a second storage device that is accessible to the central analyzer.