Method And Systems For Detecting Compromised Networks And/or Computers

View/ Open
Date
4/5/2016Author
Dagon, David
Feamster, Nick
Lee, Wenke
Edmonds, Robert
Lipton, Richard
Ramachandran, Anirudh
Metadata
Show full item recordAbstract
Collect Domain Name System (DNS) data, the DNS data generated by a DNS server and/or similar device, wherein the DNS data comprises DNS queries, wherein the collected DNS data comprises DNS query rate information. Examine the collected DNS data relative to DNS data from known compromised and/or uncompromised computers. Determine an existence of the collection of compromised networks and/or computers, and/or an identity of compromised networks and/or computers, based on the examination.
Collections
- Georgia Tech Patents [1761]