Invention Grant
US09363269B2 Zero day threat detection based on fast flux detection and aggregation
有权
基于快速通量检测和聚合的零日威胁检测
- Patent Title: Zero day threat detection based on fast flux detection and aggregation
- Patent Title (中): 基于快速通量检测和聚合的零日威胁检测
-
Application No.: US14446836Application Date: 2014-07-30
-
Publication No.: US09363269B2Publication Date: 2016-06-07
- Inventor: Subbu Srinivasan
- Applicant: Subbu Srinivasan
- Applicant Address: US CA San Jose
- Assignee: Zscaler, Inc.
- Current Assignee: Zscaler, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Clements Bernard PLLC
- Agent Lawrence A. Baratta, Jr.; Christopher L. Bernard
- Main IPC: H04L29/06
- IPC: H04L29/06 ; H04L12/733
Abstract:
A method in a cloud-based security system includes operating a Domain Name System (DNS) resolution service, proxy, or monitor in the cloud-based security system; receiving DNS records with time-to-live (TTL) parameters; checking the TTL parameters for indication of a fast flux technique; and detecting domains performing the fast flux technique based on the DNS records. A cloud-based security system includes a plurality of nodes communicatively coupled to one or more users; and a Domain Name System (DNS) service providing a resolution service, proxy, or monitor in the cloud-based security system; wherein the DNS service is configured to receive DNS records with time-to-live (TTL) parameters; check the TTL parameters for indication of a fast flux technique; and detect domains performing the fast flux technique based on the DNS records.
Public/Granted literature
- US20160036816A1 ZERO DAY THREAT DETECTION BASED ON FAST FLUX DETECTION AND AGGREGATION Public/Granted day:2016-02-04
Information query
