Method and System for Detecting and Responding to Attacking Networks

TitleMethod and System for Detecting and Responding to Attacking Networks
Publication TypePatents
Year of Publication2008
AuthorsDagon D, Feamster N, Lee W, Edmonds R, Lipton R, Ramachandran A
Secondary AuthorsDamballa I.
Patent Version Number11/538,212
Date Published2008/01/31/
Abstract

A system and method for detecting a first network of compromised computers in a second network of computers, comprising: collecting Domain Name System (DNS) data for the second network; examining the collected data relative to DNS data from known comprised and/or uncompromised computers in the second network; and determining the existence of the first network and/or the identity of compromised computers in the second network based on the examination.

URLhttp://www.google.com/patents?id=TYunAAAAEBAJ