Abstract |
<p>A method and a system for malware detection and mitigation. The method comprises computing means for capturing suspicious data traffic through a plurality of access nodes in a communication network, characterized in that it comprises: a) detecting, by a monitor module, said suspicious data traffic passing through said plurality of access nodes in the communication network; and b) receiving and analysing, by a mitigation module, said detected suspicious data traffic, in order to block it in case said suspicious data traffic is infected, the steps a) and b) being performed in real time at the origin of the network access node and the suspicious data traffic analysis in said step b) being performed based on the inspection and monitoring of a plurality of DNS packets. The system is arranged for implementing the method of the present invention.</p> |