Real-time detection of cybercrimes

Up to 5 terabytes of data analyzed in real time every day

Meet our client


CUSTOMER: A global ICT company

How we did it

There is no cybercrime without the backbone of digital crime: Command and Control (C&C) servers and spambots.

The challenge
Building a tool that spots suspicious traffic is a challenge mainly due to the gargantuan amount of real-time data that must be analyzed. The number of factors to consider when making predictions renders the task even harder.

The solution
The pattern of traffic coming to and from C&C servers is repeatable and therefore amenable to pattern recognition techniques.

The model built draws on a variety of techniques including random forests as well as convolutional and recurrent neural networks.

The model takes into account variables including:

  • The domains a suspicious IP connected with
  • Internet usage, including the frequency with which the most popular internet sites were used (Google, Facebook, Netflix etc.)
  • The frequency of DNS connections
  • How many other subjects the suspicious IP communicated with
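
The four variables listed above, computed per source IP from DNS log records, as an added example that is not the vendor's code. The record layout, the POPULAR list, the two-label domain rule and the sample rows are constructed assumptions; rows like these would be the input to a classifier such as the random forest mentioned above.

```python
from collections import defaultdict

# Assumption: a short stand-in for "the most popular internet sites".
POPULAR = {"google.com", "facebook.com", "netflix.com"}

# Constructed sample records: (unix_seconds, source_ip, queried_name, resolved_ip).
# Names use reserved TLDs and addresses use documentation ranges.
SAMPLE = [
    (0,   "10.0.0.5", "google.com",       "192.0.2.10"),
    (200, "10.0.0.5", "www.facebook.com", "192.0.2.20"),
    (400, "10.0.0.5", "netflix.com",      "192.0.2.30"),
    (600, "10.0.0.5", "intranet.example", "192.0.2.40"),
] + [
    # One query per minute, each to a new name, all resolving to one peer.
    (1000 + 60 * i, "10.0.0.9", name, "203.0.113.7")
    for i, name in enumerate(
        ["kq3v.test", "x9rt.test", "m2lp.test", "h7wd.test", "c4zn.test", "t8bj.test"])
]

def base_domain(name):
    """Last two labels of a DNS name (simplification: no public-suffix list)."""
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def extract_features(records):
    """Return {source_ip: feature dict} for the four variables on this page."""
    stats = defaultdict(lambda: {"domains": set(), "peers": set(), "ts": [], "popular": 0})
    for ts, src, name, dst in records:
        s = stats[src]
        domain = base_domain(name)
        s["domains"].add(domain)            # domains the IP connected with
        s["peers"].add(dst)                 # other subjects it communicated with
        s["ts"].append(ts)
        s["popular"] += domain in POPULAR   # hits on popular sites
    features = {}
    for ip, s in stats.items():
        n = len(s["ts"])
        # Observation window in minutes, floored at 1 to avoid dividing by zero
        # when an IP appears in a single record.
        minutes = max((max(s["ts"]) - min(s["ts"])) / 60.0, 1.0)
        features[ip] = {
            "distinct_domains": len(s["domains"]),
            "popular_share": s["popular"] / n,
            "dns_per_min": n / minutes,
            "distinct_peers": len(s["peers"]),
        }
    return features

if __name__ == "__main__":
    for ip, row in sorted(extract_features(SAMPLE).items()):
        print(ip, row)
```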

The effect
The solution analyzes 5 terabytes of data every day to spot C&C servers. It also finds the zombie computers that are linked into the spambots and deliver various services to cybercriminals without their users' knowledge. The system was set to generate 100 suspicious IPs daily; throughout the observation period, all of them were found to have been conducting malicious activity (per the leading market solution). ~30% received malicious activity reports in the leading market solution with a 1-2 day lag compared to our solution.
