A security system undergoing testing by a San Francisco-based firm plans to hasten the detection of domain names and sites taken for cybercrime.

The DNS translates domain names including idg.com into an IP address which could be called into a browser

OpenDNS provides a safe DNS service for organizations and ISPs that blocks requests from Web browsers to sites which could be connected with cybercrime or spoof a business like PayPal.

The firm, which was set up in 2005, has grown so substantially that its systems react to some 71 billion DNS requests daily.

The brand new system, called Natural Language Processing status (NLPRank) looks at a variety of metrics around a specific domain name or web site to determine if it is funny.

It scores a domain name to determine if it is by comparing it to a corpus of funny names or phrases probably deceptive.

Many cybercriminal groups have astonishingly predictable patterns when registering domain names names for their efforts, a sort of malicious vernacular. Fake domain names use company names, or phrases like “Java upgrade,” “billinginfo” or “security-information” to make an effort to seem valid.

But there is an opportunity that NLPRank could activate a false positive, flagging a variation of a domain name that’s not unlawful, said Andrew Hay, manager of security research at OpenDNS.

NLPRank additionally examines the HTML composition of a fresh domain name. In case it differs from that of the organization that is actual, it could be an indication of fraud.

NLPRank is being refined to ensure that the false positive rate is as low as possible. But there have been encouraging signs the system has spotted malware efforts found by other security firms, Hay said.

Banks were infiltrated by the group by getting the login credentials through e-mails containing malicious code, which were started by workers to key systems.

Hay said before the report was released to see if it’d advice on domain names related to the strikes OpenDNS was approached by Kaspersky. NLPRank was blocking a few of the domain names that were funny, even though OpenDNS did not understand more details about the assaults.

“We caught these things nicely back,” Hay said.

Sometimes, NLPRank could let a domain name before one is used to be blocked. After a domain name is registered by cybercriminals, they will frequently see it to ensure it is reachable. It might subsequently go inactive for a day or two before it’s integrated in an effort, Hay said.