Systems and methods for inferring entity relationships via network communications of users or user devices

US11956265B2 · US · B2

Patent metadata
Publication number: US-11956265-B2
Application number: US-201916549764-A
Country: US
Kind code: B2
Filing date: Aug 23, 2019
Priority date: Aug 23, 2019
Publication date: Apr 9, 2024
Grant date: Apr 9, 2024

Abstract

Official abstract text for this publication.

A number of techniques facilitate generation of data points from observations about network traffic. An inferencing system can use these data points to determine whether a relationship exists between two entities or whether an existing relationship has terminated, without any external knowledge of the existence of or termination of such a relationship.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for inferring a relationship between two entities, the method comprising the steps of: receiving at a server, from a network device, composite flow information corresponding to a plurality of flows, wherein each individual flow information comprises a source network identifier and a destination network identifier; determining that for a subset of the plurality of flows: (i) the source network identifier in each flow in the subset belongs to a first set of network identifiers, each of which being associated with a first entity, and (ii) the destination network identifier in each flow in the subset belongs to a second set of network identifiers, each of which being associated with a second entity; and determining that a relationship exists between the first entity and the second entity based on (i) a port associated with the flows in the subset and (ii) a determination that a frequency of the flows in the subset is at least equal to a specified flow-frequency threshold, wherein the flow-frequency threshold is based on a size of the first entity.

2. The method of claim 1, wherein determining the existence of the relationship comprises identifying a type of the port associated with the subset of flows.

3. The method of claim 2, wherein the port type is a file transfer protocol (FTP) port, or a simple mail transfer protocol (SMTP) port.

4. The method of claim 1, wherein the determination of existence of the relationship is based on, at least in part, an additional determination that one or more of the network identifiers in the second set are designated for an entity having a relationship with the second entity.

5. The method of claim 1, wherein the network device is associated with an Internet service provider (ISP) or an Internet exchange point (IXP), the ISP or the IXP being different from the first entity and the second entity.

6. The method of claim 1, wherein: the network device comprises a domain name system (DNS) resolver; and a first individual flow information comprises a first source network identifier, a first destination network identifier, and a response from a reputation service corresponding to the first source network identifier.

7. A system for inferring a relationship between two entities, comprising: a processor; a network port in communication with the processor and adapted to receive composite flow information corresponding to a plurality of flows; and a memory coupled to the processor and comprising instructions, which when executed by the processor, program the processor to: receive from a network device, the composite flow information corresponding to the plurality of flows, wherein each individual flow information comprises a source network identifier and a destination network identifier; determine that for a subset of the plurality of flows: (i) the source network identifier in each flow in the subset belongs to a first set of network identifiers, each of which being associated with a first entity, and (ii) the destination network identifier in each flow in the subset belongs to a second set of network identifiers, each of which being associated with a second entity; and determine that a relationship exists between the first entity and the second entity based on (i) a port associated with the flows in the subset and (ii) a determination that a frequency of the flows in the subset is at least equal to a specified flow-frequency threshold, wherein the flow-frequency threshold is based on a size of the first entity.

8. The system of claim 7, wherein to determine the existence of the relationship, the instructions program the processor to: identify a type of the port associated with the subset of flows.

9. The system of claim 8, wherein the port type is a file transfer protocol (FTP) port, or a simple mail transfer protocol (SMTP) port.

10. The system of claim 7, wherein to determine the existence of the relationship, the instructions program the processor further to: determine that one or more of the network identifiers in the second set are designated for an entity having a relationship with the second entity.

11. The system of claim 7, wherein the network device is associated with an Internet service provider (ISP) or an Internet exchange point (IXP), the ISP or the IXP being different from the first entity and the second entity.

12. The system of claim 7, wherein: the network device comprises a domain name system (DNS) resolver; and a first individual flow information comprises a first source network identifier, a first destination network identifier, and a response from a reputation service corresponding to the first source network identifier.
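The method of claim 1 can be sketched in code as follows. This is an added illustration, not code from the patent or its assignee. The `Flow` record, the function names, the linear size-to-threshold formula, the flows-per-day unit and the sample addresses (documentation ranges) are all assumptions made for the example.

```python
import ipaddress
from collections import namedtuple

# Hypothetical flow record: source, destination, destination port, observation day.
Flow = namedtuple("Flow", "src dst dport day")

# Port types named in claims 3 and 9.
RELATIONSHIP_PORTS = {21: "FTP", 25: "SMTP"}

# Constructed sample identifier sets (RFC 5737 documentation ranges).
FIRST = [ipaddress.ip_network("192.0.2.0/24")]      # first entity
SECOND = [ipaddress.ip_network("198.51.100.0/24")]  # second entity

def in_set(addr, networks):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in networks)

def flow_threshold(entity_size, per_100_hosts=2.0, floor=3.0):
    # ASSUMPTION: the claim only says the threshold is "based on a size of
    # the first entity"; a linear flows-per-day rule is used for illustration.
    return max(floor, per_100_hosts * entity_size / 100)

def infer_relationship(flows, first_nets, second_nets, first_size):
    days = len({f.day for f in flows}) or 1
    # Subset: source belongs to the first entity, destination to the second.
    subset = [f for f in flows
              if in_set(f.src, first_nets) and in_set(f.dst, second_nets)]
    counts = {}
    for f in subset:
        counts[f.dport] = counts.get(f.dport, 0) + 1
    threshold = flow_threshold(first_size)
    findings = []
    for port, count in sorted(counts.items()):
        freq = count / days
        # Both conditions of the claim: port type and frequency >= threshold.
        if port in RELATIONSHIP_PORTS and freq >= threshold:
            findings.append((RELATIONSHIP_PORTS[port], freq))
    return findings

def sample_flows():
    # Constructed data: 7 days of traffic seen at a hypothetical network device.
    flows = []
    for day in range(7):
        flows += [Flow("192.0.2.10", "198.51.100.25", 25, day)] * 4  # mail to entity 2
        flows.append(Flow("192.0.2.44", "198.51.100.80", 21, day))   # sparse FTP
        flows += [Flow("192.0.2.10", "203.0.113.5", 25, day)] * 9    # unrelated dest
    return flows
```

With the sample data, a first entity of 100 hosts yields an SMTP-based relationship at 4 flows per day, while the same traffic attributed to a 500-host entity falls below the scaled threshold and yields none.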

Classifications

  • Vulnerability analysis · CPC title

  • Entity relationship models · CPC title

  • Inference or reasoning models · CPC title

  • G06Q10/067 Primary

    Enterprise or organisation modelling · CPC title

  • containing mobile subscriber information, e.g. home subscriber server [HSS] · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11956265B2 cover?
A number of techniques facilitate generation of data points from observations about network traffic. An inferencing system can use these data points to determine whether a relationship exists between two entities or whether an existing relationship has terminated, without any external knowledge of the existence of or termination of such a relationship.

Who is the assignee on this patent?
Bitsight Tech Inc

What technology area does this patent fall under?
Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.

When was this patent published?
Publication date Apr 9, 2024 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).