BLOCKING AND ALERTING WITH DOMAIN FRONTING INTELLIGENCE

BLOCKING AND ALERTING WITH DOMAIN FRONTING INTELLIGENCE

This disclosure describes techniques and mechanisms for improving blocking and alerting with domain fronting intelligence. The techniques may identify Internet infrastructure that supports domain fronting through passive data collection and active scanning of the data. The results of the active scan...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Anderson, Blake Harrell, McGrew, David Arthur
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This disclosure describes techniques and mechanisms for improving blocking and alerting with domain fronting intelligence. The techniques may identify Internet infrastructure that supports domain fronting through passive data collection and active scanning of the data. The results of the active scanning are then used to generate enhanced threat intelligence feeds that associate indicators of compromise with their support of domain fronting. The new feeds are then used to perform more aggressive blocking, raise weak alerts that can be correlated to other alerts, and to create a more secure DNS system by de-prioritizing infrastructure that supports domain fronting for DNS responses.