US 12,348,546 B2
Name translation monitoring
Oded Comay, Tel Aviv (IL); and Oren Nechushtan, Ramat Gan (IL)
Assigned to Forescout Technologies, Inc., San Jose, CA (US)
Filed by FORESCOUT TECHNOLOGIES, INC., San Jose, CA (US)
Filed on Feb. 26, 2024, as Appl. No. 18/587,702.
Application 18/587,702 is a continuation of application No. 17/391,820, filed on Aug. 2, 2021, granted, now 11,916,943.
Application 17/391,820 is a continuation of application No. 16/752,289, filed on Jan. 24, 2020, granted, now 11,108,799, issued on Aug. 31, 2021.
Application 16/752,289 is a continuation of application No. 15/377,119, filed on Dec. 13, 2016, granted, now 10,574,678, issued on Feb. 25, 2020.
Prior Publication US 2025/0030715 A1, Jan. 23, 2025
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 61/4511 (2022.01); H04L 61/5007 (2022.01); H04L 61/58 (2022.01); H04L 61/59 (2022.01)
CPC H04L 63/1425 (2013.01) [H04L 61/4511 (2022.05); H04L 61/5007 (2022.05); H04L 63/1408 (2013.01); H04L 61/58 (2022.05); H04L 61/59 (2022.05)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
accessing network traffic;
extracting, from the network traffic, a domain name system (DNS) message;
monitoring subsequent network traffic that is associated with a device;
analyzing, by a processing device, the subsequent network traffic based on the DNS message and in view of one or more criteria which includes a port number associated with the subsequent network traffic, and
in response to the one or more criteria being satisfied, determining an indication of compromise (IoC) that is associated with the device.