Patents Assigned to Infoblox, Inc.
-
Patent number: 11916942Abstract: Techniques for automated identification of false positives in DNS tunneling detectors are disclosed. In some embodiments, a system, process, and/or computer program product for automated identification of false positives in DNS tunneling detectors includes receiving a set of passive DNS data, wherein the set of passive DNS data includes a DNS query and a DNS response for resolution of the DNS query for each of a plurality of DNS queries; extracting a plurality of features associated with each domain in the set of passive DNS data; and classifying DNS tunneling activities and performing false positive reduction using the plurality of features associated with each domain in the set of passive DNS data to reduce false positive detections.Type: GrantFiled: July 2, 2021Date of Patent: February 27, 2024Assignee: Infoblox Inc.Inventor: Peter Boord
-
Patent number: 11909722Abstract: Various techniques for detecting homographs of domain names are disclosed. In some embodiments, a system, process, and/or computer program product for detecting homographs of domain names includes receiving a DNS data stream, wherein the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; applying a homograph detector for each domain in the DNS data stream; and detecting a homograph of a domain name in the DNS data stream using the homograph detector.Type: GrantFiled: May 27, 2022Date of Patent: February 20, 2024Assignee: Infoblox Inc.Inventor: Femi Olumofin
-
Patent number: 11755339Abstract: A cloud based network includes a plurality of nodes, each of which include at least one containerized microservice that enables intent-driven operation of the cloud based network. One or more resource controllers, each designated to manage a custom resource, communicate with a master controller of the node to manage operational and configuration states of the node and any microservices containerized within the node. The master enables a user to monitor and automate the management of microservices and the cloud based network as a whole. The containerized microservice architecture allows user customizable rendering of microservices, reconciliation of old and new versions of microservices, and facilitated management of a plurality of nodes.Type: GrantFiled: August 29, 2022Date of Patent: September 12, 2023Assignee: Infoblox Inc.Inventors: Phillip Ferrell, Prasanna Kumar Krishnamurthy, Vidyasagara Reddy Guntaka, Venkat Dabbara, Suresh Vobbilisetty, Himanshu Varshney
-
Patent number: 11695789Abstract: Techniques for detection of algorithmically generated domains based on a dictionary are disclosed. In some embodiments, a system, process, and/or computer program product for detection of algorithmically generated domains based on a dictionary includes receiving a DNS data stream, wherein the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; generating a graph based on the DNS data stream; and identifying a malicious dictionary based on the graph.Type: GrantFiled: March 30, 2021Date of Patent: July 4, 2023Assignee: Infoblox Inc.Inventors: Mayana Pereira, Vadym Tymchenko, Bin Yu
-
Patent number: 11695667Abstract: Techniques for Qprints using telemetry-based similarity for DNS are provided. In some embodiments, a system/process/computer program product for Qprints using telemetry-based similarity for DNS in accordance with some embodiments includes aggregating a set of network related event data, wherein the set of network related event data includes Domain Name System (DNS) related query data; clustering the DNS related query data; and generating similarity clusters for domains based on their DNS related query data. For example, the set of network related event data can include passive DNS (pDNS) data aggregated over a period of time to express pDNS data at-scale, and similarity of the pDNS data aggregated over the period of time is quantified, within and across networks based on telemetry-based similarity for DNS using a statistical model.Type: GrantFiled: November 24, 2021Date of Patent: July 4, 2023Assignee: Infoblox Inc.Inventor: Renée Carol Burton
-
Patent number: 11681767Abstract: Techniques for ranking services and top N rank lists are disclosed. In some embodiments, a system, process, and/or computer program product for ranking services and top N rank lists includes receiving a set of network related event data, wherein the set of network related event data includes Domain Name System (DNS) related event data; aggregating the DNS related event data over a period of time and rank order by popularity; and generating a top N rank list for ranking popularity over the period of time for a set of domains using the aggregated DNS related event data and rank order by popularity.Type: GrantFiled: January 28, 2021Date of Patent: June 20, 2023Assignee: Infoblox Inc.Inventors: Laura Teixeira da Rocha, Renee Carol Burton
-
Patent number: 11461114Abstract: A cloud based network includes a plurality of nodes, each of which include at least one containerized microservice that enables intent-driven operation of the cloud based network. One or more resource controllers, each designated to manage a custom resource, communicate with a master controller of the node to manage operational and configuration states of the node and any microservices containerized within the node. The master enables a user to monitor and automate the management of microservices and the cloud based network as a whole. The containerized microservice architecture allows user customizable rendering of microservices, reconciliation of old and new versions of microservices, and facilitated management of a plurality of nodes.Type: GrantFiled: May 17, 2021Date of Patent: October 4, 2022Assignee: Infoblox Inc.Inventors: Phillip Ferrell, Prasanna Kumar Krishnamurthy, Vidyasagara Reddy Guntaka, Venkat Dabbara, Suresh Vobbilisetty, Himanshu Varshney
-
Patent number: 11388142Abstract: Various techniques for detecting homographs of domain names are disclosed. In some embodiments, a system, process, and/or computer program product for detecting homographs of domain names includes receiving a DNS data stream, wherein the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; applying a homograph detector for each domain in the DNS data stream; and detecting a homograph of a domain name in the DNS data stream using the homograph detector.Type: GrantFiled: January 15, 2019Date of Patent: July 12, 2022Assignee: Infoblox Inc.Inventor: Femi Olumofin
-
Patent number: 11206265Abstract: Techniques for smart whitelisting for Domain Name System (DNS) security are provided. In some embodiments, a system/process/computer program product for smart whitelisting for DNS security in accordance with some embodiments includes receiving a set of network related event data, wherein the set of network related event data includes Domain Name System (DNS) related event data; receiving a set of network related threat data, wherein the set of network related threat data includes DNS related threat data; and generating a whitelist using the set of network related event data and the set of network related threat data, wherein the whitelist includes a subset of network domains included in the DNS related event data based on a data driven model of the DNS related event data and the DNS related threat data.Type: GrantFiled: April 30, 2019Date of Patent: December 21, 2021Assignee: Infoblox Inc.Inventor: Renee Carol Burton
-
Patent number: 11153176Abstract: Techniques for an exponential moving maximum (EMM) filter for predictive analytics in network reporting are disclosed. In some embodiments, a process for predictive analytics in network reporting using an EMM filter includes pre-processing network-related data by performing exponential moving maximum (EMM) filtering on the network-related data; and determining predictive analytics based on the EMM filtered network-related data.Type: GrantFiled: May 31, 2018Date of Patent: October 19, 2021Assignee: Infoblox Inc.Inventors: Bin Yu, Les Smith, Mark Threefoot
-
Patent number: 11140123Abstract: Techniques for community detection based on DNS querying patterns are disclosed. For example, techniques for community detection based on DNS querying patterns for anomaly detection and monitoring efficiencies are disclosed. In some embodiments, a system, process, and/or computer program product for community detection based on DNS querying patterns includes receiving DNS log files, wherein the DNS log files include a DNS query and a DNS response for resolution of the DNS query; generating a graph based on the DNS log files; identifying a plurality of communities using the graph based on DNS querying patterns; and detecting an anomaly in DNS activity associated with one or more of the communities based on a DNS querying rule.Type: GrantFiled: August 22, 2019Date of Patent: October 5, 2021Assignee: Infoblox Inc.Inventor: Aruna Chakkirala
-
Patent number: 11121947Abstract: Techniques for monitoring and analysis of interactions between network endpoints are disclosed. In some embodiments, a process for monitoring and analysis of interactions between network endpoints includes collecting Domain Name System (DNS) response data from a network device; determining network endpoint interactions based on an analysis of the DNS response data (e.g., using a processor); and generating a graph corresponding to the network endpoint interactions. For example, the network device can include a DNS device and/or a software-defined networking (SDN) device (e.g., an SDN switch, such as an OpenFlow switch).Type: GrantFiled: October 21, 2019Date of Patent: September 14, 2021Assignee: Infoblox Inc.Inventors: Sandhya Narayan, Stuart M. Bailey
-
Patent number: 11036521Abstract: A cloud based network includes a plurality of nodes, each of which include at least one containerized microservice that enables intent-driven operation of the cloud based network. One or more resource controllers, each designated to manage a custom resource, communicate with a master controller of the node to manage operational and configuration states of the node and any microservices containerized within the node. The master enables a user to monitor and automate the management of microservices and the cloud based network as a whole. The containerized microservice architecture allows user customizable rendering of microservices, reconciliation of old and new versions of microservices, and facilitated management of a plurality of nodes.Type: GrantFiled: October 24, 2019Date of Patent: June 15, 2021Assignee: Infoblox Inc.Inventors: Phillip Ferrell, Prasanna Kumar Krishnamurthy, Vidyasagara Reddy Guntaka, Venkat Dabbara, Suresh Vobbilisetty, Himanshu Varshney
-
Patent number: 11025648Abstract: Techniques for detection of algorithmically generated domains based on a dictionary are disclosed. In some embodiments, a system, process, and/or computer program product for detection of algorithmically generated domains based on a dictionary includes receiving a DNS data stream, wherein the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; generating a graph based on the DNS data stream; and identifying a malicious dictionary based on the graph.Type: GrantFiled: April 30, 2018Date of Patent: June 1, 2021Assignee: Infoblox Inc.Inventors: Mayana Pereira, Vadym Tymchenko, Bin Yu
-
Patent number: 10652207Abstract: Techniques for cloud network automation for IP address and DNS record management are disclosed. In some embodiments, a system, process, and/or computer program product for cloud network automation for IP address and DNS record management includes receiving at a cloud platform appliance (e.g., a virtual or physical IP address and/or DNS management appliance) a cloud request related to a resource (e.g., a virtual or physical resource) in a cloud environment from a global cloud manager; and processing the cloud request at the cloud platform appliance to determine whether to proxy the cloud request to another cloud platform appliance or a grid master or to locally process the cloud request, wherein a storage of infrastructure metadata information for IP address and/or DNS record management is updated based on the cloud request.Type: GrantFiled: August 31, 2018Date of Patent: May 12, 2020Assignee: Infoblox Inc.Inventors: John Charles Voss, Thomas S. Clark, Sebastien Woirgard, Wei Wang
-
Patent number: 10511498Abstract: Techniques for monitoring and analysis of interactions between network endpoints are disclosed. In some embodiments, a process for monitoring and analysis of interactions between network endpoints includes collecting Domain Name System (DNS) response data from a network device; determining network endpoint interactions based on an analysis of the DNS response data (e.g., using a processor); and generating a graph corresponding to the network endpoint interactions. For example, the network device can include a DNS device and/or a software-defined networking (SDN) device (e.g., an SDN switch, such as an OpenFlow switch).Type: GrantFiled: March 27, 2015Date of Patent: December 17, 2019Assignee: Infoblox Inc.Inventors: Sandhya Narayan, Stuart M. Bailey
-
Patent number: 10498751Abstract: Various techniques for providing inline DGA detection with deep networks are disclosed. In some embodiments, a system, process, and/or computer program product for inline DGA detection with deep networks includes receiving a DNS data stream, in which the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; determining whether the DNS query is associated with a potentially malicious network domain based on the inline DGA detection model; and performing a mitigation action if it is determined that the DNS query is associated with a potentially malicious network domain based on the inline DGA detection model.Type: GrantFiled: September 29, 2017Date of Patent: December 3, 2019Assignee: Infoblox Inc.Inventors: Bin Yu, Mark Threefoot
-
Patent number: 10469314Abstract: Techniques for providing an API gateway for network policy and configuration management with public cloud are disclosed. In some embodiments, a system, process, and/or computer program product for an API gateway for network policy and configuration management with public cloud includes receiving a native or extended public cloud application programming interface (API) request at the API gateway; processing the public cloud API request; extracting data from the request for use in other API calls; and, in some cases, translating the public cloud API request into a native public cloud API request with or without adding parameters or properties to and/or substituting new values for parameters in the public cloud API request (e.g., in some cases modifying the public cloud API request can include inserting additional parameters/properties, such as instance IP address that was not present in the initial API request); and sending the native public cloud API request to the public cloud environment.Type: GrantFiled: October 17, 2018Date of Patent: November 5, 2019Assignee: Infoblox Inc.Inventors: James D. Ennis, Jr., Mehul Jayantilal Bhatt, John Charles Voss
-
Patent number: 10425383Abstract: Flux domain is generally an active threat vector, and flux domain behaviors are continually changing in an attempt to evade existing detection measures. Accordingly, new and improved techniques are disclosed for flux domain detection. In some embodiments, an online platform implementing an analytics framework for DNS security is provided for facilitating flux domain detection. For example, the online platform can implement an analytics framework for DNS security based on passive DNS traffic analysis, disclosed herein with respect to various embodiments.Type: GrantFiled: September 5, 2017Date of Patent: September 24, 2019Assignee: Infoblox Inc.Inventors: Bin Yu, Les Smith, Mark Threefoot
-
Patent number: 10270744Abstract: New and improved techniques for a behavior analysis based DNS tunneling detection and classification framework for network security are disclosed. In some embodiments, a platform implementing an analytics framework for DNS security is provided for facilitating DNS tunneling detection. For example, an online platform can implement an analytics framework for DNS security based on passive DNS traffic analysis.Type: GrantFiled: September 14, 2017Date of Patent: April 23, 2019Assignee: Infoblox Inc.Inventors: Bin Yu, Les Smith, Mark Threefoot