Patent · US Active

Identification and inspection of outlier domain name system requests

US12432237B2 · kind B2 · utility

0 Cited by
2 References
18 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Feb 22, 2023
Grant date: Sep 30, 2025
Priority date
Expiry date: Dec 23, 2043

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/1416
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

The technology disclosed herein enables identification of outlier DNS requests so the identified requests can be inspected to determine whether the identified requests may be associated with suspicious activity. In a particular example, a method provides determining characteristics of a Domain Name System (DNS) request and generating a score for the DNS request from the characteristics. The method further provides grouping a plurality of DNS requests into one or more groups based on a plurality of DNS request scores for the plurality of DNS requests. The plurality of DNS requests occurred in a specified timeframe and include the DNS request. The plurality of DNS request scores includes the score. In response to determining the DNS request is an outlier relative to the one or more groups, the method provides inspecting the DNS request for anomalies.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.