-
公开(公告)号:US20170295187A1
公开(公告)日:2017-10-12
申请号:US15091705
申请日:2016-04-06
Applicant: Cisco Technology, Inc.
Inventor: Jiri Havelka , Michal Sofka , Martin Rehák
IPC: H04L29/06
CPC classification number: H04L63/1408 , H04L63/1441 , H04L63/1483 , H04L2463/144 , H04L2463/146
Abstract: In one embodiment, a security device identifies, from monitored network traffic of one or more users, one or more suspicious domain names as candidate domains, the one or more suspicious domain names identified based on an occurrence of linguistic units used in discovered domain names within the monitored network traffic. The security device may then determine one or more features of the candidate domains, and confirms certain domains of the candidate domains as malicious domains using a parameterized classifier against the one or more features.
-
公开(公告)号:US10178107B2
公开(公告)日:2019-01-08
申请号:US15091705
申请日:2016-04-06
Applicant: Cisco Technology, Inc.
Inventor: Ji{hacek over (r)}í Havelka , Michal Sofka , Martin Rehák
IPC: H04L29/06
Abstract: In one embodiment, a security device identifies, from monitored network traffic of one or more users, one or more suspicious domain names as candidate domains, the one or more suspicious domain names identified based on an occurrence of linguistic units used in discovered domain names within the monitored network traffic. The security device may then determine one or more features of the candidate domains, and confirms certain domains of the candidate domains as malicious domains using a parameterized classifier against the one or more features.
-
Search Results
2
records
(took 0.011 seconds)
