Η team her safety companyς OpenDNS αναπτύσσει μια νέα μέθοδο που θα βοηθήσει στην αυτόματη recognition malware using an original tool called NLPRank, as reported by a company blog post.
“Using natural language processing (NLP), the predictive model detects potentially malicious typos and targeted phishing domains. Κακόβουλες ομάδες χρησιμοποιούν συχνά τεχνικές spear-phishing και πλαστογράφηση νόμιμων domains σαν μια τεχνική ασάφειας για τη διεξαγωγή των εγκληματικών τους ενεργειών με στόχο την διανομή malware
The NLPRank tool is designed to detect these malware-sharing domains that often act as C2 domains for targeted attacks. Our system uses heuristics, such as NLP and ASN mappings. Weighting, and matching with WHOIS data, as well as analysis of HTML tags to characterize these attacker domains. "
Natural language processing techniques are common in bioinformatics and data mining. OpenDNS Security Labs states that “so far they have shown that this technique offers a new way of categorizing websites used by Advanced Persistent Threat (APT) and cyber espionage, as well as a mechanism to discover links between hacker groups.
Let us mention that NLP (natural language processing) is a field of computer science that focuses on the interaction between computer and human language. There is nothing to do with neuro-linguistic programming, a term that often also uses the NLP shortcut.
You can see more information about the new technique on its official website OpenDNS Security Labs.