Patent · US Active

Method and systems for detecting compromised networks and/or computers

US9306969B2 · kind B2 · utility

23Cited by

62References

52Claims

0Family size

Assignee

Georgia Tech Research Corporation · US

Inventors

David Dagon · Tampa, US
Nick Feamster · Atlanta, US
Wenke Lee · Atlanta, US
Robert Edmonds · Chagrin Falls, US
Richard J. Lipton · Atlanta, US
Anirudh Ramachandran · Atlanta, US

Key dates

Filing date	Aug 30, 2013
Grant date	Apr 5, 2016
Priority date	—
Expiry date	Aug 30, 2033

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/144
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Collect Domain Name System (DNS) data, the DNS data generated by a DNS server and/or similar device, wherein the DNS data comprises DNS queries, wherein the collected DNS data comprises DNS query rate information. Examine the collected DNS data relative to DNS data from known compromised and/or uncompromised computers. Determine an existence of the collection of compromised networks and/or computers, and/or an identity of compromised networks and/or computers, based on the examination.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.