SYSTEM AND METHODS FOR DETECTING DOMAIN GENERATION ALGORITHM (DGA) MALWARE
Abstract
Domain generation algorithm (DGA) malware is detected by intercepting an external time request sent by a potential DGA malware host, and replacing the received real time with an accelerated (future) real time designed to trigger time-dependent DGA activity. The interception and replacement are performed outside the physical or virtual DGA host, on a different physical or virtual system such as a distinct external physical server or router, or distinct hypervisor or virtual machine running on the same physical system, in order to reduce the risk that the DGA malware identifies the time substitution. Failed DGA malware external access requests triggered only at future times are then used to identify domain names generated by the DGA malware, allowing proactive countermeasures.
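The analysis step described in the abstract, as an added Python example that is not taken from the patent: it maps real time to the accelerated time served to the monitored host and reports lookups that failed only after the substitution began. The linear speed-up factor, the event tuple layout, the function names and the sample log are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone


def served_time(real_now, start, factor):
    """Time handed to the monitored host by the external interceptor:
    the real time up to `start`, then a clock running `factor` times
    faster, so the host sees future dates (assumed linear model)."""
    if real_now <= start:
        return real_now
    return start + (real_now - start) * factor


def future_only_failures(events, start, factor):
    """events: (real_time, qname, resolved) tuples recorded outside the host.
    Returns {served_date: sorted names} for lookups that failed after time
    substitution began and were never requested under real time."""
    seen_real = {q for t, q, _ in events if t <= start}
    hits = defaultdict(set)
    for t, qname, resolved in events:
        if t > start and not resolved and qname not in seen_real:
            day = served_time(t, start, factor).date().isoformat()
            hits[day].add(qname)
    return {day: sorted(names) for day, names in hits.items()}


# Constructed sample log (not real traffic); names use reserved example domains.
START = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
FACTOR = 1440  # assumption: one real minute is served as one day


def _at(minutes):
    return START + timedelta(minutes=minutes)


SAMPLE_EVENTS = [
    (_at(-30), "updates.example.com", True),
    (_at(-20), "stale-mirror.example.net", False),  # already fails in real time
    (_at(1), "updates.example.com", True),
    (_at(2), "stale-mirror.example.net", False),    # excluded: seen before START
    (_at(3), "qzkvhw.example.org", False),
    (_at(3), "plmrtx.example.org", False),
    (_at(5), "wbnyod.example.org", False),
]

if __name__ == "__main__":
    for day, names in sorted(future_only_failures(SAMPLE_EVENTS, START, FACTOR).items()):
        print(day, names)
```

Grouping by served date shows which future day each candidate name belongs to, which is what makes blocking or sinkholing ahead of time possible.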