Infoblox has patented a system for automated identification of false positives in DNS tunneling detectors. The system receives passive DNS data, extracts features for each domain, and classifies DNS tunneling activities to reduce false positives. The processor is configured to classify activities using a trained model.

According to GlobalData’s company profile on Infoblox, network traffic analysis was a key innovation area identified from patents. Infoblox's grant share as of February 2024 was 83%. Grant share is the ratio of the number of grants to the total number of patents.

Automated identification of false positives in DNS tunneling detectors

Source: United States Patent and Trademark Office (USPTO). Credit: Infoblox Inc

A recently granted patent (Publication Number: US11916942B2) discloses a system designed to detect and classify DNS tunneling activities by analyzing passive DNS data. The system includes a processor that extracts various features from the passive DNS data, such as unique sub-prefix counts, total query numbers, and time spans between observations. These features are then used to classify DNS tunneling activities and reduce false positives. The processor utilizes a model trained on known tunnel domains and non-tunnel domains to differentiate between DNS tunnels and non-tunnels. Additionally, the system can automatically filter domains, utilize name server information, and consider retransmission rates to enhance its analysis. In response to detecting malicious DNS tunneling activities, the system can perform mitigation actions to address potential threats effectively.
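The three features named above, computed per domain from constructed passive DNS records, as an added illustration that is not taken from the patent or from Infoblox code. The record layout, the two-label domain split, the function names and the reading of "time span" as first-to-last observation are assumptions; the trained classifier that would consume these features is not shown.

```python
from collections import defaultdict
from datetime import datetime

# Constructed passive DNS observations: (ISO timestamp, queried name).
SAMPLE_PDNS = [
    ("2024-01-01T00:00:00", "a1b2c3.t.example.net"),
    ("2024-01-01T00:00:05", "d4e5f6.t.example.net"),
    ("2024-01-01T00:00:09", "0718aa.t.example.net"),
    ("2024-01-01T00:00:12", "d4e5f6.t.example.net"),
    ("2024-01-01T08:00:00", "www.example.org"),
    ("2024-01-02T08:00:00", "www.example.org"),
    ("2024-01-03T09:30:00", "mail.example.org"),
    ("2024-01-03T10:00:00", "example.com"),
]

def split_name(qname):
    """Return (domain, sub_prefix). Assumption: the domain is the last two
    labels; production code would consult the Public Suffix List."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]), ".".join(labels[:-2])

def extract_features(records):
    """Per-domain features named in the text: unique sub-prefix count,
    total query count, and time span between first and last observation."""
    acc = defaultdict(lambda: {"prefixes": set(), "total": 0, "first": None, "last": None})
    for ts, qname in records:
        when = datetime.fromisoformat(ts)
        domain, prefix = split_name(qname)
        d = acc[domain]
        d["total"] += 1
        if prefix:  # a query for the bare domain has no sub-prefix
            d["prefixes"].add(prefix)
        # min/max so that out-of-order records do not distort the span
        d["first"] = when if d["first"] is None else min(d["first"], when)
        d["last"] = when if d["last"] is None else max(d["last"], when)
    return {
        domain: {
            "unique_sub_prefixes": len(d["prefixes"]),
            "total_queries": d["total"],
            "time_span_seconds": (d["last"] - d["first"]).total_seconds(),
        }
        for domain, d in acc.items()
    }

if __name__ == "__main__":
    for domain, feats in sorted(extract_features(SAMPLE_PDNS).items()):
        print(domain, feats)
```

In the constructed sample, the tunnel-like domain shows many distinct sub-prefixes in a few seconds, while the ordinary domain shows few sub-prefixes spread over days; a classifier would still need the other signals the text mentions before labelling either one.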

Furthermore, the patent also covers a method and a computer program product embodying the same principles as the system. The method involves receiving passive DNS data, extracting features, classifying DNS tunneling activities, and reducing false positives using a trained model. Similar to the system, the method can preprocess data, incorporate name server information, and consider retransmission rates for a comprehensive analysis. Mitigation actions are taken upon detecting malicious DNS tunneling activities to ensure the security and integrity of the network. The computer program product, stored in a tangible medium, provides instructions for implementing the method effectively. Overall, the patent aims to enhance cybersecurity measures by accurately detecting and responding to DNS tunneling activities through advanced data analysis techniques and mitigation strategies.


GlobalData

GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.

GlobalData Patent Analytics tracks bibliographic data, legal events data, point in time patent ownerships, and backward and forward citations from global patenting offices. Textual analysis and official patent classifications are used to group patents into key thematic areas and link them to specific companies across the world’s largest industries.