Speaker
Sam Bretheim (Nominum)
Description
We describe the construction of Nominum's system for large-scale analysis of DNS security data, some of the challenges involved in building that system, and some interesting things that we've found in the data. Particular points of interest include malware command-and-control detection and classification, detection of vulnerabilities and bugs in widespread DNS implementations, and a mysterious global pattern of unusual machine-generated queries.
Primary author
Sam Bretheim (Nominum)