Abstract: A method of generating receiving a valid domain name comprises evaluating a received valid domain name in a neural network trained to generate similar domain names, and providing an output comprising at least one domain name similar to the received valid domain name generated by the neural network. In a further example, a recurrent neural network is trained using valid domain names and observed malicious similar domain names and/or linguistic rules. In another example, the output of the recurrent neural network further comprises a similarity score reflecting a degree of similarity between the valid domain name and the similar domain name, such that the similarity score can be used to generate a ranked list of domain names similar to the valid domain name.

Abstract: A method of generating receiving a valid domain name comprises evaluating a received valid domain name in a neural network trained to generate similar domain names, and providing an output comprising at least one domain name similar to the received valid domain name generated by the neural network. In a further example, a recurrent neural network is trained using valid domain names and observed malicious similar domain names and/or linguistic rules. In another example, the output of the recurrent neural network further comprises a similarity score reflecting a degree of similarity between the valid domain name and the similar domain name, such that the similarity score can be used to generate a ranked list of domain names similar to the valid domain name.

Abstract: Data relating to attacks is collected in honeypots, including network address of attacks and time of attacks. The attack data is analyzed to generate a predicted likelihood of future attacks from network addresses in the activity data, and a network address blacklist is constructed including network addresses predicted likely to be a source of a future attack. The process is repeated over time, such that network addresses with no recent honeypot activity are removed from the blacklist.