使用Networkx进行图的相关计算——黑产集团挖掘,我靠,可以做dns ddos慢速攻击检测啊
# -*- coding: utf-8 -*-
import networkx as nx
import matplotlib.pyplot as plt iplist={}
goodiplist={}
#相似度
N=0.5
#黑客团伙IP最少个数
M=3
#黑客IP攻击目标最小个数
R=2 #jarccard系数
def get_len(d1,d2):
ds1=set()
for d in d1.keys():
ds1.add(d) ds2=set()
for d in d2.keys():
ds2.add(d)
return len(ds1&ds2)/len(ds1|ds2) filename="../data/etl-ip-domain-train.txt"
G=nx.Graph() with open(filename) as f:
for line in f:
(ip,domain)=line.split("\t")
if not ip=="0.0.0.0":
if not iplist.has_key(ip):
iplist[ip]={} iplist[ip][domain]=1 for ip in iplist.keys():
if len(iplist[ip]) >= R:
goodiplist[ip]=1 for ip1 in iplist.keys():
for ip2 in iplist.keys():
if not ip1 == ip2 :
weight=get_len(iplist[ip1],iplist[ip2])
if (weight >= N) and (ip1 in goodiplist.keys()) and (ip2 in goodiplist.keys()):
#点不存在会自动添加
G.add_edge(ip1,ip2,weight=weight) n_sub_graphs=nx.number_connected_components(G)
sub_graphs=nx.connected_component_subgraphs(G) for i,sub_graph in enumerate(sub_graphs):
n_nodes=len(sub_graph.nodes())
if n_nodes >= M:
print("Subgraph {0} has {1} nodes {2}".format(i,n_nodes,sub_graph.nodes())) nx.draw(G)
plt.show()
输入:
49.83.26.24* *qagd.vip.wed114.cn
49.83.26.24* *qms.vip.wed114.cn
49.83.26.24* *y.vip.wed114.cn
49.83.26.24* *u.wed114.cn
49.83.26.24* *iang.wed114.cn
49.83.26.24* *hou.wed114.cn
49.83.26.24* *.52solo.*
49.83.26.24* *.66ip.cn
49.83.26.24* *.aoyier.*
49.83.26.24* *.bm186.*
49.83.26.24* *.cdbacts.*
49.83.26.24* *.cts5176.*
49.83.26.24* *.gkstk.*
49.83.26.24* *.gooddyw.*
49.83.26.24* *.ipmch.com.cn
49.83.26.24* *.iuvision.cn
49.83.26.24* *.mycodes.*
49.83.26.24* *.qizuang.*
49.83.26.24* *.riqin.*
49.83.26.24* *.sanyachloe.*
49.83.26.24* *.shoudurc.*
49.83.26.24* *.xiaoguaiguai.*
49.83.26.24* *.xxingclub.*
49.83.26.24* *.zgqsz.*
49.83.26.24* *do.vip.wed114.cn
49.83.26.24* *love.vip.wed114.cn
49.83.26.24* *hs.vip.wed114.cn
49.83.26.24* *jxn.vip.wed114.cn
49.83.26.24* *sy.vip.wed114.cn
49.83.26.24* wz.wed114.cn
49.83.26.24* *gsy.vip.wed114.cn
49.83.26.24* *t.vip.wed114.cn
49.83.26.24* *ms.vip.wed114.cn
49.83.26.24* *wxn.vip.wed114.cn
49.83.26.24* *d99.vip.wed114.cn
49.83.26.24* *hl.vip.wed114.cn
49.83.26.24* *wed.vip.wed114.cn
49.83.26.24* *hs.vip.wed114.cn
49.83.26.24* *oya1314.vip.wed114.cn
49.83.26.24* *hang.wed114.cn
49.83.26.24* *iehun.vip.wed114.cn
49.83.26.24* *xiang.wed114.cn
49.83.26.24* *yang.wed114.cn
49.83.26.24* *zhou.wed114.cn
49.83.26.24* xj.cn2che.*
... 58.49.86.23* *ata.371ju.*
58.49.86.23* *ata.7fuke.*
58.49.86.23* *ata.94flash.*
58.49.86.23* *ata.bali98.*
58.49.86.23* *ata.lx137.* 60.22.103.2* *ata.371ju.*
60.22.103.2* *ata.7fuke.*
60.22.103.2* *ata.94flash.*
60.22.103.2* *ata.bali98.*
60.22.103.2* *ata.lx137.* 59.53.67.20* *ata.371ju.*
59.53.67.20* *ata.7fuke.*
59.53.67.20* *ata.94flash.*
59.53.67.20* *ata.bali98.*
59.53.67.20* *ata.lx137.*
。。。
输出:
Subgraph 0 has 472 nodes ['60.182.199.1*', '59.59.165.24*', '58.16.204.4*', '60.220.58.18*', '61.54.208.13*', '59.35.157.25*', '60.220.132.13*', '60.182.195.16*', '60.220.57.23*', '61.154.16.24*', '58.209.126.8*', '60.220.58.4*', '60.172.229.18*', '60.168.25.20*', '58.42.238.1*', '61.143.22.3*', '59.55.59.6*', '61.143.18.4*', '59.174.254.25*', '59.55.59.15*', '59.35.159.7*', '60.220.65.20*', '58.214.247.5*', '49.86.213.17*', '60.220.63.20*', '61.157.219.13*', '59.55.101.22*', '59.62.41.23*', '59.59.165.4*', '59.174.255.*', '60.220.58.23*', '59.55.158.23*', '60.167.185.21*', '58.47.242.12*', '60.17.40.2*', '60.11.249.7*', '60.168.21.25*', '59.55.101.3*', '60.220.130.16*', '60.11.237.18*', '60.182.192.9*', '49.86.204.1*', '59.55.121.3*', '60.220.64.*', '60.220.110.7*', '59.55.58.17*', '60.220.64.19*', '60.182.194.15*', '58.59.203.20*', '60.168.24.12*', '60.23.165.22*', '61.187.202.11*', '60.168.24.24*', '61.161.28.16*', '60.168.21.17*', '61.145.49.14*', '59.60.126.5*', '60.182.192.24*', '58.208.32.23*', '60.22.91.10*', '58.216.74.7*', '58.49.86.25*', '59.35.158.25*', '59.55.159.2*', '60.220.57.3*', '58.63.109.25*', '59.59.165.20*', '61.183.212.2*', '60.182.195.20*', '59.174.254.10*', '61.241.201.6*', '59.62.41.8*', '60.220.128.16*', '58.19.62.*', '60.220.77.18*', '60.186.193.16*', '61.157.218.22*', '60.168.21.9*', '59.55.147.11*', '60.220.131.15*', '59.59.165.11*', '59.55.59.21*', '61.143.22.20*', '59.61.134.14*', '59.59.165.8*', '60.168.25.17*', '60.220.58.7*', '61.143.23.20*', '58.208.33.2*', '59.56.127.10*', '58.49.114.23*', '58.51.228.7*', '59.56.126.13*', '59.55.159.13*', '60.220.125.6*', '61.157.219.6*', '49.86.213.14*', '61.188.148.*', '58.42.6.24*', '59.56.44.2*', '61.157.218.16*', '59.55.58.13*', '59.59.165.1*', '59.62.42.*', '58.47.241.1*', '60.168.25.2*', '60.182.195.18*', '59.174.254.20*', '59.56.127.20*', '59.56.44.22*', '59.55.147.13*', '61.143.18.16*', '61.143.16.10*', '60.220.59.14*', '60.168.21.22*', '60.4.138.5*', '59.174.254.2*', '61.174.50.23*', '59.55.58.14*', '59.41.147.1*', '61.185.87.4*', '61.143.19.7*', '59.172.137.10*', '60.220.65.9*', '59.37.169.2*', '60.11.233.2*', '61.145.32.12*', '61.154.15.15*', '59.55.58.2*', '59.62.41.12*', '59.55.148.18*', '60.23.184.14*', '60.2.252.15*', '58.208.32.19*', '60.182.193.21*', '59.62.28.*', '59.55.102.3*', '60.220.68.7*', '60.168.21.5*', '60.220.130.18*', '61.141.173.12*', '61.187.202.23*', '60.220.60.22*', '59.174.65.22*', '60.182.194.7*', '59.59.165.15*', '60.182.195.15*', '59.173.161.16*', '61.157.218.21*', '60.168.21.2*', '60.168.25.18*', '59.56.126.17*', '59.55.103.5*', '59.55.59.14*', '59.55.158.9*', '60.220.179.3*', '60.24.232.6*', '58.208.33.15*', '60.11.230.12*', '61.143.18.20*', '61.174.123.23*', '59.56.127.15*', '61.157.219.12*', '60.168.24.2*', '59.62.42.18*', '60.220.206.13*', '58.209.127.10*', '58.47.240.19*', '60.220.64.21*', '60.220.125.23*', '60.235.43.15*', '59.55.58.10*', '60.220.124.4*', '59.55.59.13*', '60.220.70.12*', '60.190.67.17*', '60.23.165.21*', '60.182.192.7*', '59.55.102.7*', '58.214.235.17*', '61.154.15.11*', '61.145.16.1*', '58.208.32.21*', '61.188.148.7*', '59.55.58.4*', '61.143.16.13*', '59.56.127.18*', '49.86.204.17*', '49.86.213.2*', '60.182.193.5*', '59.59.165.21*', '60.220.131.5*', '59.62.41.2*', '59.59.165.19*', '59.55.158.11*', '60.183.217.17*', '60.220.131.2*', '60.220.99.1*', '59.55.102.13*', '59.55.103.20*', '61.137.254.2*', '60.182.194.8*', '60.220.131.16*', '60.220.61.24*', '59.62.42.5*', '59.59.165.9*', '59.59.165.10*', '59.55.59.*', '61.143.22.8*', '59.55.59.18*', '58.243.226.1*', '61.143.19.9*', '58.48.30.18*', '60.220.57.24*', '61.143.22.1*', '58.209.126.3*', '58.208.33.1*', '61.143.23.2*', '60.220.65.22*', '61.157.215.20*', '60.220.60.11*', '60.182.194.12*', '61.164.65.24*', '59.35.159.14*', '61.157.218.10*', '49.86.204.19*', '59.56.127.*', '61.143.23.19*', '59.59.165.2*', '59.55.59.17*', '61.145.35.10*', '61.157.218.2*', '60.220.124.*', '60.220.125.10*', '59.55.102.24*', '60.220.124.20*', '60.220.61.3*', '60.23.185.19*', '61.54.3.24*', '59.55.58.15*', '60.180.139.1*', '60.220.124.7*', '58.49.87.6*', '60.220.224.20*', '61.154.16.2*', '58.47.240.15*', '59.55.159.9*', '61.143.19.6*', '60.11.237.3*', '61.143.17.5*', '58.60.4.9*', '60.168.21.15*', '59.44.176.18*', '60.220.131.12*', '58.208.32.13*', '60.220.65.8*', '61.157.219.20*', '59.62.41.13*', '58.48.13.23*', '59.172.160.10*', '49.86.213.1*', '60.182.193.6*', '58.52.58.21*', '58.47.243.11*', '61.154.173.14*', '60.168.21.8*', '59.62.41.1*', '59.59.165.14*', '61.145.32.6*', '59.44.179.3*', '58.18.138.15*', '59.61.134.11*', '59.41.146.24*', '59.55.100.13*', '59.62.41.6*', '59.55.158.4*', '60.220.130.2*', '59.62.42.8*', '60.168.21.3*', '59.55.147.9*', '60.165.219.1*', '59.55.103.6*', '60.220.65.7*', '59.55.58.18*', '59.59.165.6*', '59.59.165.13*', '60.220.109.21*', '61.143.17.18*', '58.208.35.15*', '58.52.199.1*', '60.215.129.5*', '60.220.55.11*', '49.86.204.*', '60.172.246.2*', '61.143.16.23*', '58.47.198.4*', '60.23.191.11*', '59.55.100.2*', '60.161.181.1*', '49.86.204.3*', '60.220.125.24*', '61.157.219.18*', '60.220.65.*', '60.220.124.9*', '59.55.58.11*', '49.86.110.21*', '60.220.64.22*', '59.55.59.12*', '58.47.241.3*', '60.11.239.17*', '60.168.20.23*', '60.182.192.6*', '61.143.17.1*', '61.143.23.*', '59.55.101.6*', '60.168.21.20*', '60.220.124.23*', '61.157.219.2*', '61.164.59.12*', '58.208.32.25*', '59.45.115.*', '59.56.126.5*', '59.55.100.23*', '59.62.41.17*', '61.143.21.8*', '59.56.180.2*', '60.168.24.21*', '58.48.12.22*', '60.168.21.10*', '59.55.103.2*', '58.47.243.15*', '59.56.133.15*', '60.11.233.18*', '59.175.67.8*', '60.168.21.7*', '59.55.58.5*', '60.220.61.11*', '58.208.32.7*', '60.220.124.8*', '59.59.165.17*', '61.145.32.3*', '59.172.136.22*', '60.220.130.8*', '59.55.147.7*', '59.59.165.18*', '61.145.48.21*', '60.182.193.11*', '59.56.127.24*', '61.145.17.1*', '59.55.59.5*', '59.44.40.20*', '60.220.63.17*', '60.2.56.5*', '59.53.175.2*', '60.220.131.22*', '60.168.20.15*', '60.220.60.10*', '60.182.194.13*', '59.55.59.4*', '59.55.122.23*', '49.85.72.25*', '58.47.242.22*', '58.208.33.7*', '60.220.58.10*', '60.172.246.7*', '59.55.59.10*', '59.56.44.9*', '59.55.121.21*', '59.59.165.3*', '59.55.148.11*', '59.59.165.*', '60.220.57.*', '60.220.125.13*', '60.168.21.24*', '61.143.19.18*', '60.220.61.2*', '59.55.102.15*', '61.145.49.17*', '60.24.86.10*', '60.220.124.6*', '58.216.36.12*', '58.208.34.8*', '60.220.66.14*', '60.168.20.12*', '58.216.74.9*', '49.86.204.9*', '60.206.64.3*', '61.145.17.11*', '60.168.20.3*', '58.208.248.3*', '59.56.126.2*', '61.145.34.5*', '60.220.70.20*', '60.182.193.9*', '61.157.219.4*', '61.143.16.6*', '61.157.219.21*', '59.55.147.18*', '59.56.126.19*', '61.145.33.3*', '59.55.58.22*', '59.59.165.23*', '61.157.126.*', '61.154.15.22*', '61.188.148.4*', '60.168.25.24*', '61.141.176.*', '61.143.20.12*', '60.168.25.23*', '60.220.130.3*', '59.55.59.9*', '60.220.131.14*', '59.55.58.19*', '59.62.42.7*', '59.59.165.7*', '59.59.165.12*', '59.55.122.6*', '60.220.64.2*', '60.22.67.6*', '58.47.243.22*', '60.168.20.19*', '61.143.17.19*', '61.143.23.9*', '59.55.147.3*', '58.47.241.20*', '61.178.81.3*', '59.55.103.8*', '60.186.110.16*', '60.168.24.7*', '58.208.34.16*', '60.172.228.12*', '59.35.159.3*', '61.157.218.9*', '61.54.211.3*', '60.220.124.2*', '59.55.59.11*', '59.55.147.20*', '59.55.58.12*', '60.168.25.5*', '59.35.158.19*', '60.172.246.8*', '60.19.237.13*', '60.183.203.16*', '59.55.101.7*', '60.220.61.5*', '60.220.124.22*', '60.182.192.16*', '49.86.214.22*', '59.55.100.18*', '61.157.215.13*', '60.220.206.18*', '59.62.41.18*', '59.55.100.8*', '59.35.156.24*', '60.220.218.2*', '60.220.76.23*', '60.220.68.25*', '61.154.15.14*', '59.55.103.3*', '58.52.58.15*', '60.168.24.20*', '61.145.35.25*', '60.168.20.6*', '60.220.57.8*', '59.55.58.3*', '59.62.41.11*', '61.241.201.3*', '61.54.208.*', '60.220.130.19*', '60.220.128.15*', '60.220.68.6*', '60.168.24.10*']
Subgraph 1 has 6 nodes ['60.173.218.1*', '59.55.59.2*', '58.54.249.23*', '59.56.44.6*', '59.55.58.1*', '49.86.72.8*']
Subgraph 2 has 20 nodes ['58.219.226.23*', '59.63.58.*', '59.59.165.22*', '60.220.65.4*', '59.55.101.24*', '61.188.148.12*', '58.255.125.22*', '58.241.12.14*', '59.56.44.*', '60.161.88.13*', '59.56.126.3*', '61.180.116.22*', '60.168.24.11*', '60.206.64.11*', '58.52.199.*', '58.209.126.20*', '58.208.34.6*', '58.255.121.17*', '61.154.37.20*', '60.186.111.3*']
Subgraph 3 has 3 nodes ['58.49.86.23*', '60.22.103.2*', '59.53.67.20*']
Subgraph 5 has 5 nodes ['58.217.185.12*', '59.63.248.4*', '59.47.7.11*', '59.47.7.12*', '59.63.28.17*']
函数说明:
获取连通分量(nx.connected_component_subgraphs(G),返回的是列表,但是元素是图,这些分量按照节点数目从大到小排列,所以第一个就是最大的连通分量。
使用Networkx进行图的相关计算——黑产集团挖掘,我靠,可以做dns ddos慢速攻击检测啊的更多相关文章
- 大数据学习day23-----spark06--------1. Spark执行流程(知识补充:RDD的依赖关系)2. Repartition和coalesce算子的区别 3.触发多次actions时,速度不一样 4. RDD的深入理解(错误例子,RDD数据是如何获取的)5 购物的相关计算
1. Spark执行流程 知识补充:RDD的依赖关系 RDD的依赖关系分为两类:窄依赖(Narrow Dependency)和宽依赖(Shuffle Dependency) (1)窄依赖 窄依赖指的是 ...
- MATLAB线性回归方程与非线性回归方程的相关计算
每次比赛都需要查一下,这次直接总结到自己的博客中. 以这个为例子: 2.线性方程的相关计算 x=[1,2,3,4,5]';%参数矩阵 X=[ones(5,1),x];%产生一个5行一列的矩阵,后接x矩 ...
- IP地址分类及其相关计算问题
IP地址分类及其相关计算问题 公网IP和子网IP 公网IP: • A类:1.0.0.0 到 127.255.255.255 主要分配 给大量主机而局域网网络数量较少的大型网络 • B类:128.0.0 ...
- 大数据DDos检测——DDos攻击本质上是时间序列数据,t+1时刻的数据特点和t时刻强相关,因此用HMM或者CRF来做检测是必然! 和一个句子的分词算法CRF没有区别!
DDos攻击本质上是时间序列数据,t+1时刻的数据特点和t时刻强相关,因此用HMM或者CRF来做检测是必然!——和一个句子的分词算法CRF没有区别!注:传统DDos检测直接基于IP数据发送流量来识别, ...
- js如何通过末次月经日期计算预产日期
计算方式有两种 1)直接添加280天 2)添加10月8天(参数传递,可用改成9月7天等) js中引入文件 <script src="js/jquery.min.js"> ...
- 新型赌博黑产攻击肆虐网吧: LOL博彩引流+棋牌盗号
https://mp.weixin.qq.com/s/BxnovV6jKqPkYfHEzjd_FA 新型赌博黑产攻击肆虐网吧: LOL博彩引流+棋牌盗号 看雪学院 2019-04-21
- Matlab 沿三维任意方向切割CT图的仿真计算
一.数据来源 头部组织的数据.此处直接引用了matlab自带的mri数据.实际场景中,可以通过CT得到的数据进行转换得到 插入异物的数据.此处我假设插入异物为一根细铁丝.模拟为空间中的一条曲线.这个曲 ...
- 关于IP的相关计算
不论是考研还是考各种计算机类的证,大家或多或少都会遇到网络部分的一种题型,大体的归类就是以下几种: 已知一个IP是192.XX.XX.XX,子网掩码是255.255.255.0,那么它的网络地址是多少 ...
- 【Learning】 多项式的相关计算
约定的记号 对于一个多项式\(A(x)\),若其最高次系数不为零的项是\(x^k\),则该多项式的次数为\(k\). 记为\(deg(A)=k\). 对于\(x\in(k,+ \infty)\),称\ ...
随机推荐
- Django迁移到mysql数据库时的错误
pip install mysqlclient Collecting mysqlclient Using cached https://files.pythonhosted.org/packages/ ...
- luogu 1593 因子和
因子和 题目描述 输入两个正整数a和b,求\(a^b\)的因子和.结果太大,只要输出它对9901的余数. 解法 基本算数定理,每一个数都可以被分解成一系列的素数的乘积,然后你可以分解出因数了. 如何求 ...
- NSURLSession简介
NSURLSession是iOS7中新的网络接口,它与咱们熟悉的NSURLConnection是并列的.在程序在前台时,NSURLSession与NSURLConnection可以互为替代工作.注意, ...
- Swagger中添加Token验证
1.该连接链接到api中基本的swagge功能:http://www.cnblogs.com/hhhh2010/p/5234016.html 2.在swagger中使用验证(这里使用密码验证模式)ht ...
- TextView 限制最大行数、最小行数、字数超过“...”表示
最小行数: android:minLines = "2" //最小行数为2 最大行数: android:maxLines = "2" //最大行数为2 文字超过 ...
- OpenCV3 安装
Opencv 安装 本文主要说明了在ubuntu上通过源码安装Opencv3,包含各种独立接口.具体可以参照LearnOpencv: https://www.learnopencv.com/insta ...
- javaScript注释 to 颜文字
将javascript 注释(alert.console)转化为 颜文字语言. http://utf-8.jp/public/aaencode.html
- Kattis - mixedfractions
Mixed Fractions You are part of a team developing software to help students learn basic mathematics. ...
- JQ UI dialog
初始化参数 对于 dialog 来说,首先需要进行初始化,在调用 dialog 函数的时候,如果没有传递参数,或者传递了一个对象,那么就表示在初始化一个对话框. 没有参数,表示按照默认的设置初始化对话 ...
- Vue学习之路第五篇:v-bind
v-bind:是Vue提供的用于绑定html属性的指令. html中常见的属性有:id.class.src.title.style等,他们都是以 名称/值对 的形式出现,如:id="firs ...