Patent · US Active

Malware domain detection using passive DNS

US10237283B2 · kind B2 · utility

Cited by: 6
References: 12
Claims: 6
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jul 18, 2017
Grant date: Mar 19, 2019
Priority date
Expiry date: Aug 3, 2037

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L61/58
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Techniques for malware domain detection using passive Domain Name Service (DNS) are disclosed. In some embodiments, malware domain detection using passive DNS includes generating a malware association graph that associates a plurality of malware samples with malware source information, in which the malware source information includes a first domain; generating a reputation score for the first domain using the malware association graph and passive DNS information; and determining whether the first domain is a malware domain based on the reputation score for the first domain.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.