Search DubaiPRNetwork.com

Home >> Technology

ESET Threat Intelligence data improves detection

Thursday, June 21, 2018/ Editor -  

Share

Home >> Technology

A test conducted by Whalebone, a provider of DNS filtering services, showed that adding Indicators of Compromise from ESET to DNS filtering detection data significantly improves detection. 

Experts from Whalebone and ESET revealed the results of a DNS filtering test in their joint presentation at the IS2 Conference, an information security event held in Prague, Czech Republic. The test was run on a sample of 100,000 internet connections, representing around half a million connected devices in two countries, the Czech Republic and Slovakia. 

Before, Whalebone had utilized Indicators of Compromise (IoC) generated via methods such as sandbox simulations, analysis of network traffic or utilizing known malware patterns. „We wanted to include detection data from endpoints as a new source of IoC, hoping for improved detection capability,“ said Robert Šefr, Whalebone’s Chief Technology Officer.

The test was aimed at confirming the expectation that including IoC from ESET Threat Intelligence would lead to new, previously unavailable detections – while keeping false positives at a minimum. 

The test was run in the first quarter of 2018 and involved around 55,000 unique malicious domains in the tested IoC feed. Out of those, around 1100 domains were detected. 18.5% of the devices in the test made at least one attempt to contact a malicious domain from the feed; the overall number of incidents in the test was around 1.75 million. Out of those, around  half (866,000 incidents, precisely 49.51%) were detected based solely on the IoC provided by ESET – i.e., without data from ESET, these incidents would have gone undetected. Only 0.47% of incidents were detected based on both ESET’s and original Whalebone data; the remaining 50.02% of incidents were detected independently from ESET. 

Out of the 866,000 incidents detected based on the IoC by ESET, only one single domain blocking was found to be a false positive. 

'The Whalebone test clearly showed that rigorous categorization of data, which is paramount for ESET, allows for both a high detection rate and keeping false positives close to zero', comments Peter Dekýš, ESET’s IT Security Director.

“The testing has shown that by including IoC from ESET Threat Intelligence, detections significantly increased, with false positives amounting virtually to zero. Overall, the test has proven that it is appropriate to use endpoint-sourced IoC for DNS-level protection”, concludes Whalebone’s Robert Šefr.

 


Previous in Technology

Next in Technology


Home >> Technology Section

Latest Press Release

Baroncelli Big Date collection from Mido

Cell Phones, Sporting Goods, and Soon, Cars: Ford Innovates with “Miracle” Mater ...

National Day Camel Marathon set to take place in February

The Network Communication Group and BrandTribe partner to launch a new branding ...

L'oréal Among the Top 10 of Thomson Reuters Diversity & Inclusion Index

Smart Dubai, du and Community Development Authority sign agreement to deliver Du ...

Phase 3 of MBR Solar Park in Dubai wins Solar Project of the Year 2018 at the As ...

Danube Home to Provide Free Gynaecologist Consultation on 26th and 27th October

Neymar Jr. Partners With GaGà Milano as Brand Ambassador

Tazio Nuvolari – Time is legend

The All-New Kindle Paperwhite Launches on SOUQ.com

Zoho Bets Big on Middle East, Opens an Office in Dubai

#MyDubai Competition offers Expatriates the Chance to Win a Trip for their Frien ...

Arjaan by Rotana Reports Occupancy Rate at 82 Percent in 2018

Xpress Money Signs Up As The Principal Sponsor of the Bengal Tigers in the T10 ...

Rado HyperChrome Diamonds

Etisalat signs MoU with Fujairah Department of Public Works & Agriculture

Flexible Working to Contribute $10tr to Global Economy by 2030

Ibn Battuta Mall partners with Pink Caravan to promote breast cancer awareness a ...

Wamda: Bahrain's push for legal reforms will bring a welcome boost to entreprene ...