Detecting Malicious IPs and Domain Names by Fusing Threat Feeds and Passive DNS through Graph Inference
• Presentation
In this presentation, the authors give security analysts a tool to connect the dots and uncover more malicious activity on their network faster and more accurately.
Publisher
Mitre
Abstract
Network security analysts routinely collect large volumes of network and application log data, but the analysis of this data is largely unsophisticated. Threat feeds inundate analysts with tips on malicious IPs and domain names. In this presentation, we give security analysts a tool to connect the dots and uncover more malicious activity on their network faster and more accurately.