Multivariate Solutions to Emerging Passive DNS Challenges

Explore emerging challenges in passive DNS threat intelligence and learn advanced multivariate techniques to overcome them in this 58-minute Black Hat conference talk by Paul Vixie. Delve into complex scenarios where traditional "guilt by association" methods fall short, such as domains sharing name servers with thousands of legitimate sites. Discover how to combine passive DNS data with multiple attributes to effectively identify related malicious domains. Gain insights into topics like reverse proxies, public suffix lists, domain big data, controlled substances, spam detection, and the impact of surveillance capitalism on threat analysis. Master practical strategies to enhance your threat intelligence capabilities and stay ahead of evolving DNS-based threats.