首页>
外国专利>
Systems and methods for identifying malicious domain names from a passive domain name system server log
Systems and methods for identifying malicious domain names from a passive domain name system server log
展开▼
机译:从无源域名系统服务器日志中识别恶意域名的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
Disclosed computer-implemented methods for identifying malicious domain names from a passive domain name system server log (DNS log) may include, in some examples, (1) creating a pool of domain names from the DNS log, (2) identifying respective features of each name in the pool, (3) preparing a list of known benign names and respective features of each known benign name, (4) preparing a list of known malicious names and features of each known malicious name, (5) computing a classification model based on (A) the features of each benign name on the list of benign names and (B) the features of each malicious name on the list of malicious names, (6) identifying respective features of an unclassified domain name, and (7) classifying, using the classification model, the unclassified domain name as malicious, based on the respective features of the unclassified domain name. Various other methods, systems, and computer-readable media are also disclosed.
展开▼