| 发明名称 | Network protection service | ||
| 摘要 | A network protection method is provided. The network protection method may include receiving a Domain Name System (DNS) request, logging the DNS request, classifying the DNS request based on an analysis of a DNS name associated with the DNS request, taking a security action based on the classification, analyzing network traffic after taking the security action, and providing substantially real-time feedback associated with the network traffic to improve future DNS request classifications. The method may further include receiving a DNS response and logging the DNS response. The analysis of the DNS name may include receiving DNS data related to the DNS name from a plurality of sources, receiving reputation data related to the plurality of sources, scoring each of the plurality of sources based on the reputation data, and aggregating the DNS data related to the DNS name based on the scoring. | ||
| 申请公布号 | US9185127(B2) | 申请公布日期 | 2015.11.10 |
| 申请号 | US201113177504 | 申请日期 | 2011.07.06 |
| 申请人 | Nominum, Inc. | 发明人 | Neou Vivian;Wilbourn Robert S.;Wu Handong;Liu Eileen;Shannon Colleen;Bretheim Sam |
| 分类号 | H04L29/06;G06F21/55 | 主分类号 | H04L29/06 |
| 代理机构 | Carr & Ferrell LLP | 代理人 | Carr & Ferrell LLP |
| 主权项 | 1. A network protection method, the method comprising: receiving, within an internet service provider network, a Domain Name System (DNS) request in a system including a DNS resolver; logging the DNS request; classifying the DNS request based on an analysis of a DNS name associated with the DNS request; taking a security action based on the classification; analyzing network traffic and content after taking the security action; and providing a feedback loop based on the analysis of the network traffic to improve future DNS request classifications, in which the feedback loop refers to live, real-time collection of DNS usage patterns from various network protection system (NPS) deployments. | ||
| 地址 | Redwood City CA US | ||