Method And System For Detecting And Responding To Attacking Networks

View/Open

8566928.pdf (1.611Mb)

Date

10/22/2013

Author

Dagon, David

Feamster, Nick

Lee, Wenke

Edmonds, Robert

Lipton, Richard

Ramachandran, Anirudh

Metadata

Show full item record

Abstract

A system and method for detecting a first network of compromised computers in a second network of computers, comprising: collecting Domain Name System (DNS) data for the second network; examining the collected data relative to DNS data from known comprised and/or uncompromised computers in the second network; and determining the existence of the first network and/or the identity of compromised computers in the second network based on the examination.

URI

http://hdl.handle.net/1853/56822

Collections

Georgia Tech Patents [1390]