Patent · US Active

Finding malicious domains with DNS query pattern analysis

US11856010B2 · kind B2 · utility

0Cited by

11References

25Claims

0Family size

Assignee

Palo Alto Networks, Inc. · US

Inventors

Jun Wang · Sunnyvale, US
Wei Xu · Santa Clara, US

Key dates

Filing date	Feb 16, 2021
Grant date	Dec 26, 2023
Priority date	—
Expiry date	Apr 13, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L61/4511
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Malicious domain finding using DNS query pattern analysis is disclosed. A first DNS query signature and a second DNS query signature are generated, using a set of DNS query records. The first and second DNS query signatures are compared, and the second DNS query signature is identified as malicious based on a detected match between the first and second DNS query signatures.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.