Method And Systems For Detecting Compromised Networks And/or Computers

View/Open

9306969.pdf (1.900Mb)

Date

4/5/2016

Author

Dagon, David

Feamster, Nick

Lee, Wenke

Edmonds, Robert

Lipton, Richard

Ramachandran, Anirudh

Metadata

Show full item record

Abstract

Collect Domain Name System (DNS) data, the DNS data generated by a DNS server and/or similar device, wherein the DNS data comprises DNS queries, wherein the collected DNS data comprises DNS query rate information. Examine the collected DNS data relative to DNS data from known compromised and/or uncompromised computers. Determine an existence of the collection of compromised networks and/or computers, and/or an identity of compromised networks and/or computers, based on the examination.

URI

http://hdl.handle.net/1853/57067

Collections

Georgia Tech Patents [1390]