Dynadot

security Mind-reading DNS security analysis offers early warning for APT attacks

Spaceship Spaceship
Watch

News

Hand-picked NewsTop Member
Impact
3,707
Security firm OpenDNS is applying ideas from natural language processing to automatically identify malicious domains using a prototype tool called NLPRank, as a blog post by the firm explains.
Natural language processing techniques are common in bioinformatics and data mining. OpenDNS Security Labs' work so far shows that the technique offers a new way to zone in on domains used by APT-style cyber-espionage attacks as well as a mechanism to tease out links between hacker groups.
OpenDNS collaborated with Fox-IT in its research discovering links between the DarkHotel and Carbanak attacks. For example, the update-java[.]net domain was used for command-and-control in both the Anunak and Carbanak attack campaigns.
Both the Anunak and Carbanak attack campaigns involve profit-motivated attacks on the banking system, reckoned to be the handiwork of sophisticated Russian hacking groups. OpenDNS reckons its Big Data analysis of DNS data would work as well in linking and even thwarting cyber-espionage hacks.
Full Article: http://www.theregister.co.uk/2015/03/06/precog_dns_security/
 
0
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back