Main Nav

Apr 4th, 2011
1:00 PM - 4:30 PM
Bonham D/Third Level
Central Time
Session Type: Preconference Seminar
Modern malware is now highly reliant on DNS systems to coordinate communications between infected clients and controlling servers. This dependency can be exploited to detect and mitigate infections. Passive DNS can be used to discover traffic to malicious domains. Domain registration data can be mined for newly active "evil" sites, and blackhole DNS can cut these channels of communication. In this session we will talk about the infrastructure needed for implementing these measures.