| 发明名称 |
METHODS AND SYSTEMS FOR DETECTING COMPROMISED COMPUTERS |
| 摘要 |
A system and method for detecting a first network of compromised computers in a second network of computers, comprising: collecting Domain Name System (DNS) data for the second network; examining the collected data relative to DNS data from known comprised and/or uncompromised computers in the second network; and determining the existence of the first network and/or the identity of compromised computers in the second network based on the examination. |
| 申请公布号 |
US2016156660(A1) |
申请公布日期 |
2016.06.02 |
| 申请号 |
US201615019272 |
申请日期 |
2016.02.09 |
| 申请人 |
GEORGIA TECH RESEARCH CORPORATION |
发明人 |
DAGON David;FEAMSTER Nick;LEE Wenke;EDMONDS Robert;LIPTON Richard;RAMACHANDRAN Anirudh |
| 分类号 |
H04L29/06;H04L29/12 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of detecting a first network of compromised computers in a second network of computers, comprising:
collecting Domain Name System (DNS) data for the second network; examining the collected data relative to DNS data from known comprised and/or uncompromised computers in the second network; and determining the existence of the first network and/or the identity of compromised computers in the second network based on the examination. |
| 地址 |
ATLANTA GA US |
