Search DubaiPRNetwork.com

Home >> Technology

ESET Threat Intelligence data improves detection

Thursday, June 21, 2018/ Editor -  

Share

Home >> Technology

A test conducted by Whalebone, a provider of DNS filtering services, showed that adding Indicators of Compromise from ESET to DNS filtering detection data significantly improves detection. 

Experts from Whalebone and ESET revealed the results of a DNS filtering test in their joint presentation at the IS2 Conference, an information security event held in Prague, Czech Republic. The test was run on a sample of 100,000 internet connections, representing around half a million connected devices in two countries, the Czech Republic and Slovakia. 

Before, Whalebone had utilized Indicators of Compromise (IoC) generated via methods such as sandbox simulations, analysis of network traffic or utilizing known malware patterns. „We wanted to include detection data from endpoints as a new source of IoC, hoping for improved detection capability,“ said Robert Šefr, Whalebone’s Chief Technology Officer.

The test was aimed at confirming the expectation that including IoC from ESET Threat Intelligence would lead to new, previously unavailable detections – while keeping false positives at a minimum. 

The test was run in the first quarter of 2018 and involved around 55,000 unique malicious domains in the tested IoC feed. Out of those, around 1100 domains were detected. 18.5% of the devices in the test made at least one attempt to contact a malicious domain from the feed; the overall number of incidents in the test was around 1.75 million. Out of those, around  half (866,000 incidents, precisely 49.51%) were detected based solely on the IoC provided by ESET – i.e., without data from ESET, these incidents would have gone undetected. Only 0.47% of incidents were detected based on both ESET’s and original Whalebone data; the remaining 50.02% of incidents were detected independently from ESET. 

Out of the 866,000 incidents detected based on the IoC by ESET, only one single domain blocking was found to be a false positive. 

'The Whalebone test clearly showed that rigorous categorization of data, which is paramount for ESET, allows for both a high detection rate and keeping false positives close to zero', comments Peter Dekýš, ESET’s IT Security Director.

“The testing has shown that by including IoC from ESET Threat Intelligence, detections significantly increased, with false positives amounting virtually to zero. Overall, the test has proven that it is appropriate to use endpoint-sourced IoC for DNS-level protection”, concludes Whalebone’s Robert Šefr.

 


Previous in Technology

Next in Technology


Home >> Technology Section

Latest Press Release

CASIO announces UAE launch of new 'Pro Trek WSD-F20A' outdoor smartwatch

The Right Mix for Every Shower Experience: Thanks to GROHE's New Shower System E ...

Skydance: The Sun – shining amid the immensity of the galaxy

Top Five Reasons to Apply for a Full Scholarship With Dubai College of Tourism

Emirates Post Group celebrates Eid Al-Adha with Sharjah Social Child Care Centre

Huawei Recognizes Dr. Erdal Arikan, the Father of Polar Codes, for his Dedicatio ...

Mission Accomplished: “HP Mars Home Planet” Premieres Virtual Reality Experience

du celebrates this Eid Al Adha with free higher-speed WiFi More than 400 Locatio ...

Tommy Hilfiger Dressed Up Collections

Yas Island to host unforgettable Eid Al Adha celebrations

UAE Exchange and Unimoni waive service fee on remittances to Kerala Chief Minist ...

Feel Alive Again With the New IKEA 2019 Catalogue

Get 2 Margherita pizzas free on every download of the new 800 Degrees App

Beauty at Robinsons

Etihad Airways and Al Nassr FC Announce Partnership

Emirates introduces new range of toys on board bringing back customer favourites

Introducing the Autumn Winter 18 Collections

Tasneef to implement FTA's decision regarding issuing certificates for vessels f ...

Hong Kong Trade Fairs from September to November

Turkish Airlines reached the highest Load Factor in July with 85.3% LF.