1
Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou: Method and system for detecting malicious domain names at an upper DNS hierarchy. Damballa, DLA Piper US, January 14, 2014: US08631489 (40 worldwide citations)

A method and system for detecting a malicious domain name, comprising: collecting domain name statistical information from a non-recursive domain name system name server (RDNS NS); and utilizing the collected domain name statistical information to determine if a domain name is malicious or benign.


2
Emmanouil Antonakakis, Roberto Perdisci, Wenke Lee, Gunter Ollmann: Method and system for detecting malware. Damballa, DLA Piper US, November 5, 2013: US08578497 (23 worldwide citations)

A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vec ...


3
Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee: Method and system for determining whether domain names are legitimate or malicious. Damballa, Pepper Hamilton, December 6, 2016: US09516058 (13 worldwide citations)

A system and method for determining whether at least one domain is legitimate or malicious by obtaining passive DNS query information, using the passive DNS query information to measure statistical features of known malicious domain names and known legitimate domain names, and using the statistical ...


4
Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou II: Method and system for detecting malicious domain names at an upper DNS hierarchy. Damballa, Pepper Hamilton, June 20, 2017: US09686291 (3 worldwide citations)

A method and system for detecting a malicious domain name, comprising: collecting domain name statistical information from a non-recursive domain name system name server (RDNS NS); and utilizing the collected domain name statistical information to determine if a domain name is malicious or benign.


5
Roberto Perdisci, Wenke Lee: Method and system for detecting malicious and/or botnet-related domain names. Damballa, Pepper Hamilton, July 17, 2018: US10027688 (1 worldwide citation)

A method and system of detecting a malicious and/or botnet-related domain name, comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a network; searching for information about the domain name, the information related to: information about the domain name in a domain name w ...


6
Roberto Perdisci, Wenke Lee, Gunter Ollmann: Method and system for network-based detecting of malware from behavioral clustering. Damballa, Pepper Hamilton, April 17, 2018: US09948671

A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment for a predetermined time to obtain Hypertext Transfer Protocol (HTTP) traffic; clustering the malware samples into at least one cluster ...


7
Terry Lee Nelms, Roberto Perdisci: Measuring, categorizing, and/or mitigating malware distribution paths. University of Georgia Research Foundation, Damballa, Pepper Hamilton, March 27, 2018: US09930065

Systems and methods for event path traceback may utilize a processor and a path traceback and categorization (ATC) module in communication with the processor. The processor may be configured to perform processing associated with receiving network traffic from a network. The ATC module may be configu ...


8
Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou II: Method and system for detecting DGA-based malware. Damballa, Pepper Hamilton, March 20, 2018: US09922190

System and method for detecting a domain generation algorithm (DGA), comprising: performing processing associated with clustering, utilizing a name-based features clustering module accessing information from an electronic database of NX domain information, the randomly generated domain names based o ...


9
Marco Balduzzi, Babak Rahbarinia, Roberto Perdisci: System and method for protecting computer against remote malware downloads. Trend Micro Incorporated, Okamoto & Benedicto, August 21, 2018: US10057279

A system for protecting computers against remote malware downloads includes a malware download detection system and participating client computers that provide download event information to the malware download detection system. A download event information identifies a file, a network address (e.g. ...


10
Roberto Perdisci, Wenke Lee: Method and system for detecting malicious and/or botnet-related domain names. DLA Piper US, February 11, 2010: US20100037314-A1

A method and system of detecting a malicious and/or botnet-related domain name, comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a network; searching for information about the domain name, the information related to: information about the domain name in a domain name w ...