Enterprise DNS analysis
US10362057B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 6, 2017 |
| Grant date | Jul 23, 2019 |
| Priority date | — |
| Expiry date | Nov 5, 2037 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/1408
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Provided are methods, network devices, and computer-program products for a domain name system (DNS) threat detection engine for analyzing DNS traffic for potential threats. In various implementations, the DNS threat detection engine can include threat profiles that include characteristics of network threats associated with DNS. When a DNS message includes a characteristic associated with a particular threat profile, a remediation rule associated with the threat profile can be used to modify the DNS message, including modifying the destination for the DNS message. When the DNS message is received at the new destination, the DNS message can be analyzed to determine whether the DNS message is associated with a threat to the network.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.