×

Detecting botnets

  • US 8,661,544 B2
  • Filed: 08/31/2010
  • Issued: 02/25/2014
  • Est. Priority Date: 08/31/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving, at a first sensor, first domain name system (DNS) information including one or more first internet protocol (IP) addresses corresponding to a first domain name;

    determining a first number of unique subnets which are based on the one or more first IP addresses and which are unique in all subnet classes;

    sending, to one or more other sensors, a first alert that includes the first DNS information when the first number of unique subnets exceeds a first threshold;

    wherein the method is performed by one or more processors.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×