首页> 外国专利> Method and system for detecting DGA-based malware

Method and system for detecting DGA-based malware

机译：基于DGA的恶意软件检测方法及系统

页面导航

摘要
著录项
相似文献

摘要

System and method for detecting a domain generation algorithm (DGA), comprising: performing processing associated with clustering, utilizing a name-based features clustering module accessing information from an electronic database of NX domain information, the randomly generated domain names based on the similarity in the make-up of the randomly generated domain names; performing processing associated with clustering, utilizing a graph clustering module, the randomly generated domain names based on the groups of assets that queried the randomly generated domain names; performing processing associated with determining, utilizing a daily clustering correlation module and a temporal clustering correlation module, which clustered randomly generated domain names are highly correlated in daily use and in time; and performing processing associated with determining the DGA that generated the clustered randomly generated domain names.

机译：用于检测域生成算法（DGA）的系统和方法，包括：执行与聚类相关的处理，利用基于名称的特征聚类模块访问来自NX域信息的电子数据库中的信息的基于相似度的随机生成的域名。随机生成的域名的组成;利用图聚类模块，基于查询所述随机生成域名的资产组，进行与所述聚类相关的处理;利用每日聚类相关模块和时间聚类相关模块，进行与确定聚类的随机产生的域名在日常使用和时间上高度相关的处理。执行与确定生成集群的随机生成域名的DGA相关的处理。

著录项

公开/公告号US9922190B2

专利类型
公开/公告日2018-03-20

原文格式PDF
申请/专利权人 DAMBALLA INC.;
展开▼

申请/专利号US201313749205
发明设计人 MANOS ANTONAKAKIS;WENKE LEE;NIKOLAOS VASILOGLOU II;ROBERTO PERDISCI;
展开▼

申请日2013-01-24
分类号H04L29/06;G06F21/55;G06F21/56;
国家 US
入库时间 2022-08-21 12:57:42

相似文献

专利
外文文献
中文文献