首页>
外国专利>
SYSTEMS AND METHODS FOR IDENTIFYING MALICIOUS DOMAINS USING INTERNET-WIDE DNS LOOKUP PATTERNS
SYSTEMS AND METHODS FOR IDENTIFYING MALICIOUS DOMAINS USING INTERNET-WIDE DNS LOOKUP PATTERNS
展开▼
机译:使用互联网范围内的DNS查找模式识别恶意域的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
Systems and methods are disclosed for identifying domains as malicious based on Internet-wide DNS lookup patterns. Disclosed embodiments look for variance in the servers that look up a domain and also look at the popularity growth (quantity of queries from unique addresses) of a domain after registration to identify malicious domains. Other disclosed embodiments measure the similarity of servers that query a domain and cluster domains based on the similarity of those servers. Disclosed embodiments may use such temporal and spatial lookup patterns as input to a blacklist process to more effectively and quickly blacklist domains based on their Internet-wide lookup patterns.
展开▼