Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

Using the power of Cloudflare’s global network to detect malicious domains using machine learning

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Jesse Kipp
Word Count
2,271
Company Posts That Month
55
Language
English
Hacker News Points
-
Post removed?
No
Summary

Cloudflare uses machine learning to detect Domain Generation Algorithm (DGA) domains and DNS tunneling, two techniques used by attackers to evade detection and control using domain names that look like random strings. The company trains a model that extends a pre-trained transformers-based neural network to identify DGA domains, achieving an accuracy of over 99% on test data. For DNS tunneling detection, Cloudflare uses a two-stage model consisting of a gradient boosted decision tree and a neural network model. The first stage makes quick yes/no decisions about whether the domain might be a DNS tunneling domain, while the second stage refines the categorization to distinguish legitimate applications from malicious ones.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Real-time 1 1,696 483 160 +14%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.