
Background

No savvy hacker launches attacks from their personal IP address unless they want to be caught. To maximise the effect and longevity of attacks, hackers command botnets to carry out malicious activities such as DDoS, ransomware infection, or network scanning to detect valuable assets and vulnerabilities.

Command and Control (C&C) is the primary communication vehicle employed to control these botnets. While C&C networks once operated from static IP addresses, hackers have recently responded to increasingly sophisticated security advances by using Domain Generating Algorithms (DGA) to reach their C&C servers. Bots communicate with C&C servers by sending DNS requests for dynamic domain names, predefined by an algorithm known only to the hackers. These DNS requests change quickly and often and are extremely difficult to detect using traditional firewalls and threat intelligence.
* Picture on the right side is sourced from virustotal.com (March 2018)
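
The DNS behaviour described above (names that change quickly and are generated by an algorithm) can be illustrated from the defender's side. This is an added example, not Sangfor's detection method or code from the original page; the log format, thresholds, addresses and domain names are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample DNS log rows: (epoch_seconds, client_ip, queried_name, rcode).
SAMPLE_LOG = [
    (1000, "10.0.0.5", "www.example.com", "NOERROR"),
    (1001, "10.0.0.5", "mail.example.org", "NOERROR"),
    (1004, "10.0.0.5", "exmaple-login.example", "NXDOMAIN"),       # one-off typo
    (1002, "10.0.0.7", "d3k9x7q2m1zt.cdn.example", "NOERROR"),   # random-looking CDN host
    (1003, "10.0.0.9", "xkqzjvhwpdlm.example", "NXDOMAIN"),
    (1005, "10.0.0.9", "bnrtyqwzxkcv.example", "NXDOMAIN"),
    (1007, "10.0.0.9", "pqlmzxvkjwhd.example", "NXDOMAIN"),
    (1009, "10.0.0.9", "gfhdjsklqwpz.example", "NXDOMAIN"),
    (1011, "10.0.0.9", "mznxbcvlkajh.example", "NXDOMAIN"),
    (1013, "10.0.0.9", "qwrtypsdfghj.example", "NOERROR"),        # the one name that resolves
]

def label_entropy(name):
    """Shannon entropy in bits per character of the left-most DNS label."""
    label = name.split(".")[0].lower()
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def flag_dga_clients(log, window=60, min_names=5, min_entropy=3.0, min_nx_ratio=0.8):
    """Flag clients that, inside one fixed time window, query many distinct
    random-looking names of which most fail to resolve (NXDOMAIN)."""
    buckets = defaultdict(list)
    for ts, client, name, rcode in log:
        buckets[(client, ts // window)].append((name, rcode))
    flagged = set()
    for (client, _), rows in buckets.items():
        # Distinct names whose first label looks random by entropy.
        random_looking = {n for n, _ in rows if label_entropy(n) >= min_entropy}
        nx_ratio = sum(1 for _, r in rows if r == "NXDOMAIN") / len(rows)
        # Neither signal alone is enough: CDNs use random-looking names and
        # users mistype domains, so both conditions must hold together.
        if len(random_looking) >= min_names and nx_ratio >= min_nx_ratio:
            flagged.add(client)
    return sorted(flagged)

if __name__ == "__main__":
    print(flag_dga_clients(SAMPLE_LOG))
```

Fixed time buckets and the left-most label are simplifications; a production detector would use a sliding window and score the registrable domain.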

Botnet Detection Results

A combination of the above techniques uncovers significantly more malicious domain names than other popular botnet scanning services. Sangfor’s Botnet Detection tool has already uncovered several new malicious domain names, as illustrated below in a comparison between malicious domain names discovered by Sangfor and VirusTotal.



Innovation Advantages

Our Advantages

Neural-X Botnet Detection has uncovered over 1 million malicious domain names, with additional discoveries daily.