The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Apr. 29, 2014
Filed:
May. 13, 2011
Ramakant Pandrangi, Vienna, VA (US);
Nicholas G. Feamster, Atlanta, GA (US);
Shuang Hao, Atlanta, GA (US);
Ramakant Pandrangi, Vienna, VA (US);
Nicholas G. Feamster, Atlanta, GA (US);
Shuang Hao, Atlanta, GA (US);
Verisign, Inc., Reston, VA (US);
Georgia Tech Research Corporation, Atlanta, GA (US);
Abstract
Systems and methods are disclosed for identifying domains as malicious based on Internet-wide DNS lookup patterns. Disclosed embodiments look for variance in the servers that look up a domain and also look at the popularity growth (quantity of queries from unique addresses) of a domain after registration to identify malicious domains. Other disclosed embodiments measure the similarity of servers that query a domain and cluster domains based on the similarity of those servers. Disclosed embodiments may use such temporal and spatial lookup patterns as input to a blacklist process to more effectively and quickly blacklist domains based on their Internet-wide lookup patterns.