Title of invention |
Method and system for detecting malware |
Abstract |
A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector.
|
Publication number |
US8578497(B2) |
Publication date |
2013.11.05 |
Application number |
US20110985140 |
Application date |
2011.01.05 |
Applicant |
ANTONAKAKIS EMMANOUIL;PERDISCI ROBERTO;LEE WENKE;OLLMANN GUNTER;DAMBALLA, INC. |
Inventor |
ANTONAKAKIS EMMANOUIL;PERDISCI ROBERTO;LEE WENKE;OLLMANN GUNTER |
Classification number |
G06F11/00;G06F15/173;H04L29/06 |
Main classification number |
G06F11/00 |
Agency |
|
Agent |
|
Principal claim |
|
Address |
|