EricStarker
Former Employee
Mar 27, 2017

Large Scale Analysis of DNS Query Logs Reveals Botnets in the Cloud

The arms race between data security professionals and cybercriminals continues at a rapid pace. More than ever, attackers exploit compute resources for malicious purposes by deploying malware, known as “bots”, in virtual machines running in the cloud. Even a conservative estimate reveals that at least 1 in every 10,000 machines is part of some known Botnet.

To better protect VMs in the cloud, Azure Security Center (ASC) applies a novel supervised Machine Learning model for high-precision Botnet detection based on analysis of DNS query logs. This model achieves 95% precision and 43% recall and can detect Botnets before they are reported by antimalware companies.

Read more on the Azure blog.
