icon-carat-right menu search cmu-wordmark

Detecting Malicious IPs and Domain Names by Fusing Threat Feeds and Passive DNS through Graph Inference

Presentation
In this presentation, the authors give security analysts a tool to connect the dots and uncover more malicious activity on their network faster and more accurately.
Publisher

Mitre

Abstract

Network security analysts routinely collect large volumes of network and application log data, but the analysis of this data is largely unsophisticated. Threat Feeds inundate analysts with tips on malicious IPs and domain names. In this presentation, we give security analysts a tool to connect the dots and uncover more malicious activity on their network faster and more accurately.