首页>
外国专利>
Method and system for detecting DGA-based malware
Method and system for detecting DGA-based malware
展开▼
机译:基于DGA的恶意软件检测方法及系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
System and method for detecting a domain generation algorithm (DGA), comprising: performing processing associated with clustering, utilizing a name-based features clustering module accessing information from an electronic database of NX domain information, the randomly generated domain names based on the similarity in the make-up of the randomly generated domain names; performing processing associated with clustering, utilizing a graph clustering module, the randomly generated domain names based on the groups of assets that queried the randomly generated domain names; performing processing associated with determining, utilizing a daily clustering correlation module and a temporal clustering correlation module, which clustered randomly generated domain names are highly correlated in daily use and in time; and performing processing associated with determining the DGA that generated the clustered randomly generated domain names.
展开▼