Augmented Intelligence to Scale Humans Fighting Botnets
We propose and implement a novel method of discovering botnet activities by identifying new core domains (domains that are directly below a TLD) that appear in real-time DNS query traffic as suspicious, and discovering botnet C&C groups using a domain correlation machine learning model. This method discovers botnet C&C groups before security list vendors which it is benchmarked against.
Amir Asiaee has more than 10 years of academic and industry experience in machine learning and natural language processing related projects. He has applied data analytic techniques to optimize Nominum output feeds by validating and consolidating lists of malicious activities that Nominum receives from its partners. Also, he is applying natural language processing and machine learning techniques to expand URL level threat detection. Prior to joining Nominum Amir contributed to industry projects at Yahoo as well large academic research projects at University of Georgia.
Yuriy Yuzifovich is Head of Security Research and Data Science for Nominum. Yuriy’s team builds patent-pending tools that analyze 100 billion DNS queries per day from hundreds of millions of internet subscribers in real time. With these tools, Nominum Data Science is able to discover anomalies and new infections, and build security platforms that proactively protect against ransomware, phishing and other malware. Before joining Nominum, Yuriy served as CTO of Mercury Development, the company he founded in 1999, where his team designed an enterprise-grade end-point protection solution for Guardian Edge (now part of Symantec), and an Internet safety application for Bsecure (now part of AVG).led expansion of EPAM on the West Coast. He also built a team to deliver secure file sharing software for Accellion. Yuriy holds Masters degrees in computer science and business from Samara State Aerospace University and Washington University, respectively. Yuriy regularly publishes in peer-reviewed journals and has co-authored multiple patents in data analytics and security.