0455622 20240103211805.120160215235959.9 10 s. E cav_un_epca*04556211-10Montréal, CanadaNIPS2015 variational bayes malicious domain detection large scale network cav_un_auth*0108231 Létal V. CZ cav_un_auth*0307300 Pevný T. CZ cav_un_auth*0101207 Šmídl Václav Adaptivní systémy Department of Adaptive Systems AS AS UTIA-B Department of Adaptive Systems Ústav teorie informace a automatizace AV ČR, v. v. i. cav_un_auth*0101197 Somol Petr Rozpoznávání obrazu Department of Pattern Recognition RO RO UTIA-B Department of Pattern Recognition Ústav teorie informace a automatizace AV ČR, v. v. i. http://library.utia.cas.cz/separaty/2016/AS/smidl-0455622.pdf GA15-08916S GA ČR CZ cav_un_auth*0328225 The common limitation in computer network security is the reactive nature of defenses. A new type of infection typically needs to be first observed live, before defensive measures can be taken. To improve the pro-active measures, we have developed a method utilizing WHOIS database (database of entities that has registered a particular domain) to model relations between domains even those not yet used. The model estimates the probability of a domain name being used for malicious purposes from observed connections to other related domains. The parameters of the model is inferred by a Variational Bayes method, and its effectiveness is demonstrated on a large-scale network data with millions of domains and trillions of connections to them. cav_un_auth*0327126 NIPS workshop: Advances in Approximate Bayesian Inference Montreal 11.12.2015 CA 2016 BD 4 PO RVO:67985556 http://hdl.handle.net/11104/0257094 1 S 2015 cav_un_epca*0455621 NIPS Workshop: Advances in Approximate Bayesian Inference 1 10 Montréal, Canada NIPS 2015