Patent · US Active

Finding malicious domains with DNS query pattern analysis

US10958668B1 · kind B1 · utility

3Cited by

9References

23Claims

0Family size

Assignee

Palo Alto Networks, Inc. · US

Inventors

Jun Wang · Sunnyvale, US
Wei Xu · Santa Clara, US

Key dates

Filing date	Dec 21, 2017
Grant date	Mar 23, 2021
Priority date	—
Expiry date	Mar 14, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L61/4511
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Malicious domain finding using DNS query pattern analysis is disclosed. A first DNS query signature and a second DNS query signature are generated, using a set of DNS query records. The first and second DNS query signatures are compared, and the second DNS query signature is identified as malicious based on a detected match between the first and second DNS query signatures.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.