Introduction

Abstract

DNS stands for Domain Name System and used for the domain name and IP address mappings. Every time a browser or application accesses the Internet, a DNS query is executed to find the corresponding IP address. After seeing the IP address of a domain, the computer can connect to the desired destination.

More 90% of malware traffic uses DNS for communicating to external entities. Also, DNS is a standard protocol for communication within other application protocols like SMTP, HTTP, SSL or FTP. Because of this, analysing DNS traffic is a powerful way to discover and block malicious activity.

DnsCyte

DNSCyte is a recursive DNS Service based on global cyber threat intelligence and machine learning to block threats and targeted attacks in real-time.

‚Äč