Proactive Detection Of Algorithmically Generated Malicious Domains

Keywords

Classification; DNS; Machine Learning

Abstract

Using an intrinsic feature of malicious domain names, namely that they are queried prior to their registration (perhaps due to clock drift), we devise a lightweight difference-based feature for malicious domain name detection. Using the NXDomain queries and responses of a popular malware, we establish the effectiveness of our detector with 99% accuracy, detecting domains as early as more than 48 hours before they are registered. Our technique serves as a detection tool where other techniques that rely on entropy or on reversing domain generation algorithms are impractical.

Publication Date

4-19-2018

Publication Title

International Conference on Information Networking

Volume

2018-January

Number of Pages

21-24

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/ICOIN.2018.8343077

Scopus ID

85047014439 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85047014439

This document is currently not available here.
