首页>
外国专利>
Detecting malicious domains and client addresses in DNS traffic
Detecting malicious domains and client addresses in DNS traffic
展开▼
机译:检测DNS流量中的恶意域和客户端地址
展开▼
页面导航
摘要
著录项
相似文献
摘要
In one embodiment, a device in a network constructs a graph based on Domain Name System (DNS) traffic in which vertices of the graph correspond to client addresses from the DNS traffic and domains from DNS traffic. The device uses stacked autoencoders to determine priors for the domains and client addresses. The device assigns the determined priors to the corresponding vertices of the graph. The device uses belief propagation on the graph to determine a malware inference from the graph. The device causes performance of a mitigation action when the malware inference from the graph indicates the presence of malware.
展开▼