SG11202112342SA - Systems and methods for using dns messages to selectively collect computer forensic data - Google Patents
Systems and methods for using dns messages to selectively collect computer forensic dataInfo
- Publication number
- SG11202112342SA SG11202112342SA SG11202112342SA SG11202112342SA SG11202112342SA SG 11202112342S A SG11202112342S A SG 11202112342SA SG 11202112342S A SG11202112342S A SG 11202112342SA SG 11202112342S A SG11202112342S A SG 11202112342SA SG 11202112342S A SG11202112342S A SG 11202112342SA
- Authority
- SG
- Singapore
- Prior art keywords
- systems
- methods
- forensic data
- selectively collect
- dns messages
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y40/00—IoT characterised by the purpose of the information processing
- G16Y40/10—Detection; Monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/07—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
- H04L51/18—Commands or executable codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/214—Monitoring or handling of messages using selective forwarding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/48—Message addressing, e.g. address format or anonymous messages, aliases
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/59—Network arrangements, protocols or services for addressing or naming using proxies for addressing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
- H04L67/303—Terminal profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US16/405,140 US10862854B2 (en) | 2019-05-07 | 2019-05-07 | Systems and methods for using DNS messages to selectively collect computer forensic data |
| PCT/EP2020/068644 WO2020229707A1 (en) | 2019-05-07 | 2020-07-02 | Systems and methods for using dns messages to selectively collect computer forensic data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| SG11202112342SA true SG11202112342SA (en) | 2021-12-30 |
Family
ID=70617100
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| SG11202112342SA SG11202112342SA (en) | 2019-05-07 | 2020-07-02 | Systems and methods for using dns messages to selectively collect computer forensic data |
Country Status (10)
| Country | Link |
|---|---|
| US (1) | US10862854B2 (ja) |
| EP (1) | EP3967018A1 (ja) |
| JP (1) | JP7518859B2 (ja) |
| KR (1) | KR102580898B1 (ja) |
| CN (1) | CN114145004B (ja) |
| AU (1) | AU2020276394A1 (ja) |
| CA (1) | CA3139029A1 (ja) |
| IL (1) | IL287863A (ja) |
| SG (1) | SG11202112342SA (ja) |
| WO (2) | WO2020225258A1 (ja) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018122640A1 (en) * | 2016-12-30 | 2018-07-05 | Redsocks Security Holdings Bv | System for preparing network traffic for fast analysis |
| US10862854B2 (en) * | 2019-05-07 | 2020-12-08 | Bitdefender IPR Management Ltd. | Systems and methods for using DNS messages to selectively collect computer forensic data |
| WO2021168714A1 (zh) * | 2020-02-26 | 2021-09-02 | 华为技术有限公司 | 一种发现应用的方法、装置及*** |
| US11144671B1 (en) * | 2021-01-30 | 2021-10-12 | Zoom Video Communications, Inc. | Containment of sensitive data within a communication platform |
| US11727152B2 (en) * | 2021-01-30 | 2023-08-15 | Zoom Video Communications, Inc. | Intelligent detection of sensitive data within a communication platform |
| US11683309B2 (en) | 2021-02-05 | 2023-06-20 | Cisco Technology, Inc. | Nonce-based enterprise security policy enforcement |
| CN114422227B (zh) * | 2022-01-13 | 2022-08-12 | 北京信息职业技术学院 | 一种基于网络安全的数据采集分析*** |
| CN114189393A (zh) * | 2022-02-15 | 2022-03-15 | 北京指掌易科技有限公司 | 一种数据处理方法、装置、设备和存储介质 |
| CN114826758B (zh) * | 2022-05-11 | 2023-05-16 | 绿盟科技集团股份有限公司 | 一种针对域名解析***dns的安全分析方法及装置 |
| US11729142B1 (en) * | 2022-08-25 | 2023-08-15 | Google Llc | System and method for on-demand edge platform computing |
Family Cites Families (35)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5444780A (en) | 1993-07-22 | 1995-08-22 | International Business Machines Corporation | Client/server based secure timekeeping system |
| US8327448B2 (en) | 2005-06-22 | 2012-12-04 | Intel Corporation | Protected clock management based upon a non-trusted persistent time source |
| US8375120B2 (en) * | 2005-11-23 | 2013-02-12 | Trend Micro Incorporated | Domain name system security network |
| US8220031B2 (en) | 2007-05-01 | 2012-07-10 | Texas Instruments Incorporated | Secure time/date virtualization |
| US20090125517A1 (en) * | 2007-11-14 | 2009-05-14 | Qualcomm Incorporated | Method and system for keyword correlation in a mobile environment |
| US8540158B2 (en) * | 2007-12-12 | 2013-09-24 | Yiwu Lei | Document verification using dynamic document identification framework |
| US8576845B2 (en) | 2008-08-22 | 2013-11-05 | Telefonaktiebolaget L M Ericsson (Publ) | Method and apparatus for avoiding unwanted data packets |
| US8667583B2 (en) * | 2008-09-22 | 2014-03-04 | Microsoft Corporation | Collecting and analyzing malware data |
| US8489637B2 (en) * | 2009-11-19 | 2013-07-16 | International Business Machines Corporation | User-based DNS server access control |
| US8260914B1 (en) | 2010-06-22 | 2012-09-04 | Narus, Inc. | Detecting DNS fast-flux anomalies |
| US8516585B2 (en) | 2010-10-01 | 2013-08-20 | Alcatel Lucent | System and method for detection of domain-flux botnets and the like |
| US8707429B2 (en) | 2011-03-31 | 2014-04-22 | Nominum, Inc. | DNS resolution, policies, and views for large volume systems |
| US8763117B2 (en) | 2012-03-02 | 2014-06-24 | Cox Communications, Inc. | Systems and methods of DNS grey listing |
| US9374374B2 (en) * | 2012-06-19 | 2016-06-21 | SecureMySocial, Inc. | Systems and methods for securing social media for users and businesses and rewarding for enhancing security |
| JP5900272B2 (ja) * | 2012-10-02 | 2016-04-06 | 株式会社ソシオネクスト | アクセス制御回路、アクセス制御方法 |
| US20140157405A1 (en) * | 2012-12-04 | 2014-06-05 | Bill Joll | Cyber Behavior Analysis and Detection Method, System and Architecture |
| GB201306628D0 (en) | 2013-04-11 | 2013-05-29 | F Secure Oyj | Detecting and marking client devices |
| US9137211B2 (en) | 2013-05-16 | 2015-09-15 | Cisco Technology, Inc. | Application services based on dynamic split tunneling |
| WO2014195890A1 (en) * | 2013-06-06 | 2014-12-11 | Topspin Security Ltd. | Methods and devices for identifying the presence of malware in a network |
| US20150006362A1 (en) * | 2013-06-28 | 2015-01-01 | Google Inc. | Extracting card data using card art |
| US9009461B2 (en) * | 2013-08-14 | 2015-04-14 | Iboss, Inc. | Selectively performing man in the middle decryption |
| US9405903B1 (en) * | 2013-10-31 | 2016-08-02 | Palo Alto Networks, Inc. | Sinkholing bad network domains by registering the bad network domains on the internet |
| US9325735B1 (en) | 2013-10-31 | 2016-04-26 | Palo Alto Networks, Inc. | Selective sinkholing of malware domains by a security device via DNS poisoning |
| US9912630B2 (en) | 2013-12-13 | 2018-03-06 | Pismo Labs Technology Ltd. | Methods and systems for processing a DNS request |
| EP2916512B1 (en) * | 2014-03-07 | 2016-08-24 | Mitsubishi Electric R&D Centre Europe B.V. | Method for classifying a TCP connection carrying HTTP traffic as a trusted or an untrusted TCP connection |
| US20160036848A1 (en) | 2014-07-31 | 2016-02-04 | Cisco Technology, Inc. | Intercloud security as a service |
| JP6411262B2 (ja) * | 2015-03-26 | 2018-10-24 | シャープ株式会社 | 制御装置およびシステム |
| CA2888087A1 (en) * | 2015-04-17 | 2016-10-17 | Sal Khan | Methods and systems relating to real world document verification |
| US9819696B2 (en) | 2015-11-04 | 2017-11-14 | Bitdefender IPR Management Ltd. | Systems and methods for detecting domain generation algorithm (DGA) malware |
| US10356038B2 (en) | 2015-12-14 | 2019-07-16 | Microsoft Technology Licensing, Llc | Shared multi-tenant domain name system (DNS) server for virtual networks |
| CN106936791B (zh) * | 2015-12-31 | 2021-02-19 | 阿里巴巴集团控股有限公司 | 拦截恶意网址访问的方法和装置 |
| CN108886525B (zh) | 2016-03-09 | 2021-08-20 | 动态网络服务股份有限公司 | 智能域名***转发的方法和装置 |
| US10897475B2 (en) * | 2017-08-10 | 2021-01-19 | Cisco Technology, Inc. | DNS metadata-based signaling for network policy control |
| US11601466B2 (en) * | 2017-09-13 | 2023-03-07 | Comcast Cable Communications, Llc | Identifying malware devices with domain name system (DNS) queries |
| US10862854B2 (en) * | 2019-05-07 | 2020-12-08 | Bitdefender IPR Management Ltd. | Systems and methods for using DNS messages to selectively collect computer forensic data |
-
2019
- 2019-05-07 US US16/405,140 patent/US10862854B2/en active Active
-
2020
- 2020-05-05 WO PCT/EP2020/062440 patent/WO2020225258A1/en active Application Filing
- 2020-07-02 AU AU2020276394A patent/AU2020276394A1/en active Pending
- 2020-07-02 WO PCT/EP2020/068644 patent/WO2020229707A1/en unknown
- 2020-07-02 KR KR1020217039698A patent/KR102580898B1/ko active IP Right Grant
- 2020-07-02 CN CN202080047302.8A patent/CN114145004B/zh active Active
- 2020-07-02 JP JP2021565969A patent/JP7518859B2/ja active Active
- 2020-07-02 SG SG11202112342SA patent/SG11202112342SA/en unknown
- 2020-07-02 EP EP20736661.8A patent/EP3967018A1/en active Pending
- 2020-07-02 CA CA3139029A patent/CA3139029A1/en active Pending
-
2021
- 2021-11-07 IL IL287863A patent/IL287863A/en unknown
Also Published As
| Publication number | Publication date |
|---|---|
| WO2020229707A1 (en) | 2020-11-19 |
| CN114145004B (zh) | 2023-12-29 |
| CA3139029A1 (en) | 2020-11-19 |
| EP3967018A1 (en) | 2022-03-16 |
| WO2020225258A1 (en) | 2020-11-12 |
| US20200358738A1 (en) | 2020-11-12 |
| IL287863A (en) | 2022-01-01 |
| AU2020276394A1 (en) | 2021-12-02 |
| KR102580898B1 (ko) | 2023-09-25 |
| US10862854B2 (en) | 2020-12-08 |
| CN114145004A (zh) | 2022-03-04 |
| JP2022531878A (ja) | 2022-07-12 |
| JP7518859B2 (ja) | 2024-07-18 |
| KR20230004222A (ko) | 2023-01-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| IL287863A (en) | Systems and methods for using a dns message for selective collection of legal information from a computer | |
| EP3320440A4 (en) | Secure data management system and method | |
| EP3718324A4 (en) | METHODS, NETWORK FUNCTIONAL ENTITIES AND COMPUTER-READABLE MEDIA INTENDED FOR DATA COLLECTION | |
| EP3117406A4 (en) | Device, system and method for aggregating networks and serving data from those networks to computers | |
| EP3764879A4 (en) | SYSTEM FOR COLLECTING AND USING HEALTH DATA | |
| EP3373155A4 (en) | Data writing method and device in distributed file system | |
| SG11202000713RA (en) | Waste composition estimation device, system, program, method, and data structure | |
| EP3324296A4 (en) | File data access method and computer system | |
| EP3314828A4 (en) | Systems and methods for routing data using software-defined networks | |
| EP3285430A4 (en) | Method, device and system for live media data | |
| EP3616388A4 (en) | SYSTEMS AND METHODS FOR RECORDING DATA REPRESENTING MULTIPLE INTERACTIONS | |
| EP3288232A4 (en) | Nas data access method, system and relevant device | |
| EP3796199A4 (en) | DATA MANAGEMENT SYSTEM AND DATA MANAGEMENT PROCEDURES | |
| EP3331308A4 (en) | Method and system for data transmission | |
| EP3361385A4 (en) | Data migration method applicable to computer system, and device and computer system utilizing same | |
| EP3729243A4 (en) | SYSTEMS AND METHODS THAT MAY BE CARRIED BY A USER TO COLLECT DATA AND PROVIDE INFORMATION | |
| EP3118850A4 (en) | System and method for providing related content at low power, and computer readable recording medium having program recorded therein | |
| GB201905348D0 (en) | Computer implemented method and system for encrypting data | |
| EP3376381A4 (en) | Resource management method and system, and computer storage medium | |
| EP3313143A4 (en) | Data transmission method, device and system, and computer storage medium | |
| AU2018298108A1 (en) | Systems and methods for data transmission | |
| EP3294001A4 (en) | Digital fronthaul data transmission method, device and system | |
| EP3493072A4 (en) | METHOD AND SYSTEM FOR HARD DISK MANAGEMENT | |
| EP3673303A4 (en) | SYSTEM AND PROCEDURE FOR MULTIPLE AND DYNAMIC METEOROLOGICAL DATA SOURCES | |
| HUP1900254A1 (hu) | Kriptográfiai álnév leképezõ eljárás és számítógépes rendszer, valamint számítógépes program és számítógéppel olvasható adathordozó |