Method And System For Detecting And Responding To Attacking Networks

View/ Open
Date
10/22/2013Author
Dagon, David
Feamster, Nick
Lee, Wenke
Edmonds, Robert
Lipton, Richard
Ramachandran, Anirudh
Metadata
Show full item recordAbstract
A system and method for detecting a first network of compromised computers in a second network of computers, comprising: collecting Domain Name System (DNS) data for the second network; examining the collected data relative to DNS data from known comprised and/or uncompromised computers in the second network; and determining the existence of the first network and/or the identity of compromised computers in the second network based on the examination.
Collections
- Georgia Tech Patents [1761]