COMPUTING APPARATUS AND METHOD FOR IDENTIFYING COMPROMISED APPARATUSES BASED ON DNS TUNNELLING DETECTION

Russian patent published in 2022. IPC: G06F21/55, H04L61/4511

Abstract RU 2777348 C1

FIELD: information security.

SUBSTANCE: a computer-implemented method for identifying compromised apparatuses based on DNS tunnelling detection includes the following stages: receiving the traffic of the protected network infrastructure; retrieving at least one DNS query from the traffic; filtering the list of identified DNS queries by excluding queries for previously determined types of domain names; feeding each of the domain names remaining in the list, one by one, to the input of a pre-trained deciding rule; if at least one domain name receives a negative estimation from the deciding rule, increasing the penalty of the apparatus that issued at least one DNS query containing that domain name; if the total penalty of at least one apparatus exceeds a predetermined threshold, that apparatus is considered compromised and a notification thereof is displayed.

EFFECT: increase in the accuracy of identifying compromised apparatuses based on DNS tunnelling detection.
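The pipeline the abstract describes (capture, extract, filter, classify, accumulate a per-device penalty, compare with a threshold), as an added Python example that is not part of the patent. The pre-trained deciding rule is replaced by an assumed label-length/entropy heuristic, and the query log and the excluded domain-name types are constructed for the example.

```python
import math
from collections import defaultdict

# Constructed sample DNS query log: (source device, queried domain name).
SAMPLE_QUERIES = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.7", "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6.tunnel-example.net"),
    ("10.0.0.7", "f7e6d5c4b3a2918273645546372819fa.tunnel-example.net"),
    ("10.0.0.7", "0f1e2d3c4b5a69788796a5b4c3d2e1f0.tunnel-example.net"),
    ("10.0.0.9", "host-1.corp.example"),
    ("10.0.0.9", "host-2.corp.example"),
]

# Filtering stage: domain-name types excluded before scoring. Assumed here to be
# the internal zone and reverse-lookup names; the patent leaves the list open.
EXCLUDED_SUFFIXES = (".corp.example", ".in-addr.arpa", ".ip6.arpa")


def is_excluded(domain):
    return domain.lower().endswith(EXCLUDED_SUFFIXES)


def deciding_rule(domain):
    """Stand-in for the pre-trained deciding rule (assumed heuristic): a
    negative estimation (True) when the leftmost label is long and has high
    character entropy, as encoded tunnel payloads in DNS labels tend to."""
    label = domain.split(".")[0]
    if len(label) < 20:
        return False
    counts = {c: label.count(c) for c in set(label)}
    entropy = -sum(n / len(label) * math.log2(n / len(label)) for n in counts.values())
    return entropy > 3.5


def score_devices(queries, threshold=2):
    """Accumulate one penalty per negatively estimated domain, per device, and
    report devices whose total penalty exceeds the threshold."""
    penalties = defaultdict(int)
    for device, domain in queries:
        if is_excluded(domain):
            continue
        if deciding_rule(domain):
            penalties[device] += 1
    compromised = sorted(d for d, p in penalties.items() if p > threshold)
    return dict(penalties), compromised


if __name__ == "__main__":
    totals, flagged = score_devices(SAMPLE_QUERIES)
    for device in flagged:
        print(f"notification: {device} considered compromised (penalty {totals[device]})")
```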

13 claims, 3 drawings

Similar patents to RU2777348C1

| Title | Year | Author(s) | Number |
|---|---|---|---|
| COMPUTING DEVICE AND METHOD FOR DETECTING MALICIOUS DOMAIN NAMES IN NETWORK TRAFFIC | 2018 | Kislitsin Nikita Igorevich | RU2668710C1 |
| METHOD AND SYSTEM FOR DYNAMIC GLOBAL IDENTIFICATION OF USER'S ENVIRONMENT | 2020 | Batenev Aleksandr Viktorovich; Krylov Pavel Vladimirovich | RU2751436C1 |
| SYSTEM AND METHOD FOR ACTIVE DETECTION OF MALICIOUS NETWORK RESOURCES | 2021 | Volkov Dmitrij Aleksandrovich; Prudkovskij Nikolaj Sergeevich | RU2769075C1 |
| SYSTEM AND METHOD FOR OUTSIDE CONTROL OF THE CYBERATTACK SURFACE | 2021 | Bobak Tim Dzhon Oskar; Volkov Dmitrij Aleksandrovich | RU2778635C1 |
| METHOD AND A COMPUTER FOR INFORMING ON MALICIOUS WEB RESOURCES | 2018 | Kalinin Alexander Sergeevich | RU2701040C1 |
| METHOD AND SYSTEM FOR DETECTING THE INFRASTRUCTURE OF A MALICIOUS SOFTWARE OR A CYBERCRIMINAL | 2020 | Volkov Dmitrij Aleksandrovich; Mileshin Filipp Alekseevich | RU2722693C1 |
| MALWARE FILES IN NETWORK TRAFFIC DETECTION SERVER AND METHOD | 2018 | Kislitsin Nikita Igorevich; Andreev Nikolay Nikolaevich | RU2680736C1 |
| SYSTEM AND METHOD OF AUTOGENERATION OF DECISION RULES FOR INTRUSION DETECTION SYSTEMS WITH FEEDBACK | 2016 | Kislitsin Nikita Igorevich | RU2634209C1 |
| SYSTEM AND METHOD OF DETECTING THE SIGNS OF COMPUTER ATTACKS | 2017 | Gordejchik Sergej Vladimirovich; Sapronov Konstantin Vladimirovich; Parshin Yurij Gennadevich; Kheirkhabarov Tejmur Samedovich; Soldatov Sergej Vladimirovich | RU2661533C1 |
| METHOD AND COMPUTING DEVICE FOR DETECTING TARGET MALICIOUS WEB RESOURCE | 2022 | Rozhnov Ilia Olegovich | RU2791824C1 |

RU 2 777 348 C1

Authors: Afonin Anton Viktorovich

Filed: 2021-08-19

Published: 2022-08-02