公开(公告)号：US10547638B1

公开(公告)日：2020-01-28

申请号：US15466383

申请日：2017-03-22

申请人： CA, Inc.

发明人： Feng Li ,  Adam Glick ,  Akshata Krishnamoorthy Rao ,  Douglas Schlatter

IPC分类号： H04L29/06 ,  H04L29/12

摘要： A method for detecting name resolution spoofing is described. In one embodiment, the method includes identifying a request to resolve a host name, identifying a hostname specified in a response to the request, identifying an actual hostname associated with the response, analyzing the hostname specified in relation to the actual hostname, and performing a security action based at least in part on the analysis.

公开(公告)号：US10565373B1

公开(公告)日：2020-02-18

申请号：US15437759

申请日：2017-02-21

申请人： CA, Inc.

发明人： Akshata Krishnamoorthy Rao ,  Douglas Schlatter ,  Adam Glick ,  Feng Li

IPC分类号： H04L29/06 ,  G06F21/55

摘要： A method for behavioral analysis of scripting utility usage in an enterprise is described. In one embodiment, the method describes receiving, by a processor, data associated with execution of a scripting utility operating on a plurality of computing devices; executing a clustering algorithm on the received data; identifying at least one cluster based at least in part on executing the clustering algorithm; identifying an existence of an anomalous event associated with the scripting utility based at least in part on executing the clustering algorithm; and transmitting an indication of the anomalous event to an administrator.