Invention Grant
- Patent Title: Methods, systems, and computer readable media for detecting a compromised computing host
-
Application No.: US14773660Application Date: 2014-03-05
-
Publication No.: US09934379B2Publication Date: 2018-04-03
- Inventor: Fabian Monrose , Teryl Taylor , Srinivas Krishnan , John McHugh
- Applicant: The University of North Carolina at Chapel Hill
- Applicant Address: US NC Chapel Hill
- Assignee: The University of North Carolina at Chapel Hill
- Current Assignee: The University of North Carolina at Chapel Hill
- Current Assignee Address: US NC Chapel Hill
- Agency: Jenkins, Wilson, Taylor & Hunt, P.A.
- International Application: PCT/US2014/020683 WO 20140305
- International Announcement: WO2014/138205 WO 20140912
- Main IPC: G06F21/56
- IPC: G06F21/56 ; G06F21/57 ; H04L29/06
Abstract:
Methods, systems, and computer readable media for detecting a compromised computing host are disclosed. According to one method, the method includes receiving one or more domain name system (DNS) non-existent domain (NX) messages associated with a computing host. The method also includes determining, using a host score associated with one or more unique DNS zones or domain names included in the one or more DNS NX messages, whether the computing host is compromised. The method further includes performing, in response to determining that the computing host is compromised, a mitigation action.
Public/Granted literature
- US20160026796A1 METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR DETECTING A COMPROMISED COMPUTING HOST Public/Granted day:2016-01-28
Information query
