Quick Start
cGraph: Color codes of the Timeline Graph
There can be 4 types of domain nodes in our graph.
- Benign - These are clean sites
- Compromised - These used to be clean sites but have now been hacked by attackers
- Malicious - These are attack sites created by attackers
- Unknown - The status of the site is not known (as we do not have sufficient information)
We use different node colors for these domain types.
- Benign domains: We mark a domain as benign if all of the following conditions are satisfied
  - Alexa rank is below 100K and appeared in Alexa top 1m for at least two weeks
  - Domain or URL(s) does not have VT positive (VT >= 1) for the day

  If the above conditions are satisfied we are using the color
- Compromised domains: We mark a domain as Compromised if all of the following conditions are satisfied
  - Alexa rank is below 100K and appeared in Alexa top 1m for at least two weeks
  - Domain or URL(s) has VT positive (VT >= 1) for the day

  If the above conditions are satisfied we are using the color
- Malicious domains: We will consider only VT >= 2 as malicious. Further, these domains do not have Alexa rank below 100k for at least two weeks.
  - For VT = 2.
  - For VT 3 and 4.
  - For VT between 5 and 9.
  - VT 10 or more.
For Unknown Domains.
For IP address.
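
The labelling rules above, written out as an added example (this is not cGraph's own code). The field names, the reading of "two weeks" as 14 days in the Alexa top 1M, and the choice to label every domain that matches no other rule as unknown are assumptions; the sample observations are constructed.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class DomainDay:
    """One domain's observations for one day (field names are assumptions)."""
    name: str
    alexa_rank: Optional[int]  # None when the domain is not in the Alexa list
    days_in_top_1m: int        # days the domain has appeared in the Alexa top 1M
    vt_positives: int          # highest VT positive count for the domain or its URLs


def is_popular(d: DomainDay) -> bool:
    # "Alexa rank is below 100K and appeared in Alexa top 1m for at least two weeks"
    return d.alexa_rank is not None and d.alexa_rank < 100_000 and d.days_in_top_1m >= 14


def malicious_band(vt: int) -> str:
    # The four VT ranges that get separate colors for malicious domains.
    if vt >= 10:
        return "VT 10 or more"
    if vt >= 5:
        return "VT 5-9"
    if vt >= 3:
        return "VT 3-4"
    return "VT = 2"


def classify(d: DomainDay) -> Tuple[str, Optional[str]]:
    if is_popular(d):
        # Popular sites are never labelled malicious: any VT hit means compromised.
        return ("compromised", None) if d.vt_positives >= 1 else ("benign", None)
    if d.vt_positives >= 2:
        return ("malicious", malicious_band(d.vt_positives))
    # Not popular and VT is 0 or 1: not enough information either way.
    return ("unknown", None)


# Constructed sample observations (not real measurements).
SAMPLES = [
    DomainDay("popular-clean.example", 5_000, 400, 0),
    DomainDay("popular-hit.example", 80_000, 30, 12),
    DomainDay("new-in-list.example", 50_000, 3, 6),
    DomainDay("unranked-single-hit.example", None, 0, 1),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s.name, classify(s))
```

Two cases are easy to misread from the legend alone: a popular domain with a high VT count is still shown as compromised, and a domain with a single VT hit but no qualifying Alexa history is neither compromised nor malicious under these rules.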