Conference Paper (international conference)
, , ,
: NIPS Workshop: Advances in Approximate Bayesian Inference, p. 1-10
: NIPS workshop: Advances in Approximate Bayesian Inference, (Montreal, CA, 11.12.2015)
: GA15-08916S, GA ČR
: variational bayes, malicious domain detection, large scale network
: http://library.utia.cas.cz/separaty/2016/AS/smidl-0455622.pdf
(eng): The common limitation in computer network security is the reactive nature of defenses. A new type of infection typically needs to be first observed live, before defensive measures can be taken. To improve the pro-active measures, we have developed a method utilizing WHOIS database (database of entities that has registered a particular domain) to model relations between domains even those not yet used. The model estimates the probability of a domain name being used for malicious purposes from observed connections to other related domains. The parameters of the model is inferred by a Variational Bayes method, and its effectiveness is demonstrated on a large-scale network data with millions of domains and trillions of connections to them.
: BD