1

Ai threat detection test

Has anyone been able to test the capabilites of the AI threat detection feature? 

18 replies

null
    • Hey
    • 2 yrs ago
    • Reported - view

    It definitely works haven't throughly tested it but by going on some sketchy sites, NRD blocks nearly anything that's not on the filters and AI gets about half of those by itself. So it works quite well as even without NRD it would block at least half of the new domains in terms of Ads/Fake sites. Haven't done any Phishing tests as those would probably be their focus, I'll let you know after messing with some later on today.

      • Hey
      • 2 yrs ago
      • Reported - view

      Did a quick test of 10 malicious URLs from mostly Today/Yesterday and it's 6/10 blocked by AI-Driven Threat Detection it's not the perfect test but for a better test with more domains, I'd have to email a list maker or spend hours so a quick 15 minute test, as I said before, it doesn't find every single domain but for a beta it's quite good. As full results, by using AI+NRD+Thret Intelligence it blocked all of them, the filters I was using also catched most.

      I can provide the website in a direct message if anyone else wants to do their own testing.

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view

      Hey can you re-test with Quad9? Because they’re using AI too. 

      • Hey
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow They also blocked all 10 domains (The website that I used for finding the malicious domains also showed their status on Cloudflare Quad9 etc.) But since Quad9 doesn't show the method / the blocking reason it could be their Threat intelligence or AI can't be sure but they also blocked all 10. The only problematic ones were Cloudflare and Google with Cloudflare blocking nearly half of the domains and Google getting even less.

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      Hey Thanks a lot for your efforts and giving an idea of the capabilities of these features in Nextdns... 🙂🙂👍🏻

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow Are you sure?  Because I don't think Quad9 has an AI that is built into the DNS filtering system itself like NextDns. It only uses sources from industry leading cybersecurity companies that use AI.

      And of course it doesn't block ads, trackers which is a big caveat. 

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      Hey By the way do you have any idea about how long the AI feature will be still in beta? I have noticed the native tracking protection feature has been in beta since quite long. 

      • Pro subscriber ✓
      • DynamicNotSlow
      • 2 yrs ago
      • Reported - view
      • Hey
      • 2 yrs ago
      • Reported - view

      Sohan Ray Here is a quote from their Threat Blocking tab

      Some are more specific – they may, for example, target niche markets such as financial fraud, homoglyphs, network IDS past behaviors, phishing detectable by visual object recognition, optical character recognition (OCR), structure and linkages to other sites, or app-based spyware.

      So they also seem to use AI since Visual Object Recognition and other more "intelligent" ways of finding malicious sites like Behavior and Structure analyzing.

      Their pure purpose as you said is to block Malicious sites while not blocking anything else / being none censored.

      NextDNS is an All-around suite that blocks anything you could possibly want through DNS or doesn't they keep it customizable.

      It's simply different approaches.

      • Hey
      • 2 yrs ago
      • Reported - view

      Sohan Ray I don't know and I'm purely guessing here but I'd expect it to be a while at least since to call something like AI/Machine learning "stable" it would mean that if they are going to do a lot of fine tuning over time to get it close to perfect in terms of what it does block and what it doesn't. Might take a while but currently it's not Stable per se in terms of Businesses / Enterprises for personal use, it's more useful than not so the amount of times where it blocks real malicious sites is quite a bit higher than the now and then false positives where it's worth turning on.

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      DynamicNotSlow yeah I had seen this... But that isn't like a real time on the spot detection system. Its like a predictive analysis system that detects harmful domain attacks even before they actually start. Now, all though that is really impressive.... But consider this... Its not detecting if the domain that you are visiting currently is harmful or not... Its just predicting a domain name that'll be harmful and should you happen to visit it.. You'll be protected. 

      On the other hand NextDns AI detects in real time whether the domain you're about to visit is harmful or not. I believe this is more effective. 

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      Hey I think I had read this. So what I think, they are saying is that Quad9 is using threat intelligence feeds from sources that do such kinds of analysis for identifying malicious domains. Its not something actually built in their DNS system itself. 

      • Hey
      • 2 yrs ago
      • Reported - view

      Sohan Ray It could definitely be working that way, they don't show how exactly their system works but it seems more likely now that you said that.

      One of their claims were that they didn't do anything of their own to not compete with their Partners so as you said it's more likely for their partners to be doing the analysis and returning the results to Quad9, this is also probably why they don't offer anything like knowing what exactly happened as it could be advertising/discouraging their partners. 

    • Hey
    • 2 yrs ago
    • Reported - view

    About to make a new Thread about extremely interesting findings I made through this testing, it shows something weird yet amazing.

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      Hey oh good. Do send the link if you can. 

      • Hey
      • 2 yrs ago
      • Reported - view

      Sohan Ray Just posted it on the forums, a comparison of NextDNS and DNSFilter, one of the biggest names that I've seen and the result is, well, great for us but I mean it doesn't look too good for them. For the AI and how stable it might be, I'd say probably as stable as theirs in terms of blocking. I honestly want to see the results when NextDNS says that it's Stable later in the future.

      • Sohan_Ray
      • 2 yrs ago
      • Reported - view

      Hey woah! Awesome.... I had wanted to test out DNSFilter but their pricing plans seemed to be too steep to be used by individuals. 

      • Hey
      • 2 yrs ago
      • Reported - view

      Sohan Ray The testing was done on the Trial, the prices are as you said steep and they don't provide basic functions like DNS Encryption until you upgrade to Pro and give mobile roaming clients for Enterprise subscriptions only. So even if I could spend the money, I won't be spending that much for functions that are even available to free users.

      It's not a bad service but in terms of what you get for the price, it's not the best deal would be a nice way of saying it.

Content aside

  • 1 Likes
  • 2 yrs agoLast active
  • 18Replies
  • 727Views
  • 2 Following