{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-9609012","patent":{"patent_number":"US-9609012","title":"Detection of infected network devices and fast-flux networks by tracking URL and DNS resolution changes","assignee":null,"inventors":[],"filing_date":"2016-02-12T00:00:00.000Z","publication_date":"2017-03-28T00:00:00.000Z","cpc_codes":["H04L","H04L","H04L","H04L","H04L","H04L","H04L"],"num_claims":20,"abstract":"A system and method for detecting Fast-Flux malware are presented. Domain name system (DNS) lookup requests to DNS servers from a local area network (LAN) to a wide area network (WAN) are monitored. The DNS lookup requests comprise requests to resolve uniform resource locators (URLs) to network addresses. The network addresses (IP) received from the DNS servers for the DNS lookup requests are monitored provide a URL-to-IP associations list. The DNS servers used for the DNS lookup requests for the URLs are monitored to provide a DNS Domain-to-DNS server associations list. A suspicious URL log based on the URL-to-IP associations list, and a suspicious DNS log based on the DNS Domain-to-DNS server associations list are generated."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Detection of infected network devices and fast-flux networks by tracking URL and DNS resolution changes","description":"A system and method for detecting Fast-Flux malware are presented. Domain name system (DNS) lookup requests to DNS servers from a local area network (LAN) to a wide area network (WAN) are monitored. T","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-9609012","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-9609012","citation_suggestion":"Patentable. \"Detection of infected network devices and fast-flux networks by tracking URL and DNS resolution changes\" (US-9609012). https://patentable.app/patents/US-9609012","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-9609012","json":"https://patentable.app/api/llm-context/US-9609012","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-06-06T10:13:08.858Z"}