Discovering domain associations for watering hole attack detection

Invention Grant

US10313390B1 Discovering domain associations for watering hole attack detection 有权

Please log in to see more content

Patent Title: Discovering domain associations for watering hole attack detection
Application No.: US14976156

Application Date: 2015-12-21
Publication No.: US10313390B1

Publication Date: 2019-06-04
Inventor: Anirudh Kondaveeti , Jin Yu
Applicant: EMC Corporation
Applicant Address: US MA Hopkinton
Assignee: EMC IP Holding Company, LLC
Current Assignee: EMC IP Holding Company, LLC
Current Assignee Address: US MA Hopkinton
Agent Barry N. Young
Main IPC: H04L29/06
IPC: H04L29/06

Discovering domain associations for watering hole attack detection

Abstract:

One or more proxy logs are processed in order to generate a plurality of domain sequences. One or more domain sequences which have low support and high confidence within the plurality of domain sequences are identified. The identified domain sequences are flagged as including one or more of the following: an infected watering hole domain or an exploit kit host.

Information query

Espacenet