Large Scale Analysis of DNS Query Logs Reveals Botnets in the Cloud

Community Manager

The arms race between data security professionals and cybercriminals continues at a rapid pace. More than ever, attackers exploit compute resources for malicious purposes by deploying malware, known as “bots”, in virtual machines running in the cloud. Even a conservative estimate reveals that at least 1 in every 10,000 machines is part of some known Botnet.


To better protect VMs in the cloud, Azure Security Center (ASC) applies a novel supervised Machine Learning model for high-precision Botnet detection based on analysis of DNS query logs. This model achieves 95% precision and 43% recall and can detect Botnets before they are reported by antimalware companies.




Read more on the Azure blog.
