Patent · US Active

Detection method for malicious domain name in domain name system and detection device

US11956261B2 · kind B2 · utility

0Cited by

2References

16Claims

0Family size

Assignee

Acer Cyber Security Incorporated · TW

Inventors

Chiung-Ying Huang · Taipei, TW
Yi-Chung Tseng · Taipei, TW
Ming-Kung Sun · Taipei, TW
Tung-Lin Tsai · New Taipei, TW

Key dates

Filing date	May 12, 2021
Grant date	Apr 9, 2024
Priority date	—
Expiry date	Jun 30, 2042

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/144
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A detection method for a malicious domain name in a domain name system (DNS) and a detection device are provided. The method includes: obtaining network connection data of an electronic device; capturing log data related to at least one domain name from the network connection data; analyzing the log data to generate at least one numerical feature related to the at least one domain name; inputting the at least one numerical feature into a multi-type prediction model, which includes a first data model and a second data model; and predicting whether a malicious domain name related to a malware or a phishing website exists in the at least one domain name by the multi-type prediction model according to the at least one numerical feature.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.