Detecting malicious DNS requests using machine learning
US12341786B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 28, 2022 |
| Grant date | Jun 24, 2025 |
| Priority date | — |
| Expiry date | Nov 19, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N3/08
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Technologies related to malicious DNS request detection are disclosed. A DNS server can use a machine learning model to analyze DNS requests and to detect requests that are potentially malicious. The machine learning model can comprise a neural network (such as a convolutional neural network) that is trained using a corpus of known malicious and non-malicious DNS requests. Data included in a DNS request can be provided as input to a machine learning algorithm (such as a neural network algorithm) that uses the input data and the machine learning model to generate a prediction of whether the DNS request is malicious. If the DNS request is determined to likely be malicious then the request can be blocked (for example by providing a fake address in response to the DNS request). If the DNS request is determined to likely be non-malicious, then the DNS request can be allowed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.