Up to 5 terabytes of data analyzed in real time every day
Meet our client
Industry: Cybersecurity
Customer: A global ICT company
How we did it
There is no cybercrime without its backbone: Command and Control (C&C) servers and spambots.
The challenge
Building a tool that spots suspicious traffic is a challenge mainly because of the gargantuan amount of real-time data that must be analyzed. The number of factors that have to be considered when making predictions makes the task even harder.
The solution
The pattern of traffic going to and from C&C servers is repeatable and therefore amenable to pattern recognition techniques.
The model deepsense.ai built draws on a variety of techniques, including random forests as well as convolutional and recurrent neural networks.
The model takes into account variables including:
- The domains a suspicious IP connected with
- Internet usage, including the frequency with which the most popular internet sites were used (Google, Facebook, Netflix etc.)
- The frequency of DNS connections
- How many other hosts the suspicious IP communicated with
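The four variables listed above can be computed per source IP from a window of DNS and connection logs. The extractor below is an added illustration, not deepsense.ai's code; the log records, the set of "popular sites" and the ranking rule are constructed assumptions, and the page's actual classifiers (random forests, CNNs, RNNs) are not reproduced.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed sample of (source_ip, record_kind, destination) tuples standing in
# for one window of flow/DNS logs. "dns" rows carry the queried name, "conn" rows
# the destination IP. Addresses use documentation ranges and a .invalid name, so
# none of them is a real indicator.
SAMPLE_RECORDS: List[Tuple[str, str, str]] = [
    ("10.0.0.5", "dns", "www.google.com"),
    ("10.0.0.5", "dns", "www.facebook.com"),
    ("10.0.0.5", "dns", "www.netflix.com"),
    ("10.0.0.5", "dns", "www.google.com"),
    ("10.0.0.5", "conn", "203.0.113.10"),
    ("10.0.0.5", "conn", "203.0.113.11"),
    ("10.0.0.5", "conn", "203.0.113.10"),
    ("10.0.0.7", "dns", "beacon.example.invalid"),   # placeholder name
    ("10.0.0.7", "dns", "beacon.example.invalid"),
    ("10.0.0.7", "conn", "198.51.100.1"),
    ("10.0.0.7", "conn", "198.51.100.2"),
    ("10.0.0.7", "conn", "198.51.100.3"),
    ("10.0.0.7", "conn", "198.51.100.4"),
    ("10.0.0.7", "conn", "198.51.100.5"),
]

# Assumed short list of the "most popular internet sites" mentioned on the page.
POPULAR_SITES = {"www.google.com", "www.facebook.com", "www.netflix.com"}


def extract_features(records: List[Tuple[str, str, str]]) -> Dict[str, Dict[str, float]]:
    """Per source IP: distinct domains resolved, share of DNS queries for popular
    sites, DNS query count, and number of distinct hosts connected to."""
    acc = defaultdict(lambda: {"domains": set(), "popular": 0, "dns": 0, "peers": set()})
    for src, kind, dst in records:
        f = acc[src]
        if kind == "dns":
            f["dns"] += 1
            f["domains"].add(dst)
            if dst in POPULAR_SITES:
                f["popular"] += 1
        elif kind == "conn":
            f["peers"].add(dst)
    return {
        ip: {
            "distinct_domains": len(f["domains"]),
            "popular_site_ratio": f["popular"] / f["dns"] if f["dns"] else 0.0,
            "dns_queries": f["dns"],
            "distinct_peers": len(f["peers"]),
        }
        for ip, f in acc.items()
    }


def rank_by_fanout(features: Dict[str, Dict[str, float]]) -> List[str]:
    """Toy ordering for analyst triage: high fan-out and little popular-site
    traffic first. A real deployment would feed the features to a trained model."""
    return sorted(features, key=lambda ip: (-features[ip]["distinct_peers"],
                                            features[ip]["popular_site_ratio"]))
```

With the constructed records, `10.0.0.7` ranks first: one repeatedly resolved name, no popular-site traffic and five distinct peers, which is the kind of profile the page's model is built to flag.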
The effect
The solution analyzes 5 terabytes of data every day to spot C&C servers. It also finds the zombie computers linked into the spambots that deliver various services to cybercriminals without their owners' knowledge. The system was configured to flag 100 suspicious IPs per day; throughout the observation period, every one of them was confirmed to have been conducting malicious activity by a leading market solution. About 30% of them were reported as malicious by that solution only with a 1-2 day lag compared to our solution.