Search results for "Domain generation algorithm"

showing 3 items of 3 documents

Detection of algorithmically generated malicious domain names using masked N-grams

2019

Abstract Malware detection is a challenge that has increased in complexity in the last few years. A widely adopted strategy is to detect malware by means of analyzing network traffic, capturing the communications with their command and control (C&C) servers. However, some malware families have shifted to a stealthier communication strategy, since anti-malware companies maintain blacklists of known malicious locations. Instead of using static IP addresses or domain names, they algorithmically generate domain names that may host their C&C servers. Hence, blacklist approaches become ineffective since the number of domain names to block is large and varies from time to time. In this paper, we i…

0209 industrial biotechnologyDomain generation algorithmComputer scienceGeneral Engineering02 engineering and technologycomputer.software_genreBlacklistComputer Science ApplicationsRandom forestDomain (software engineering)020901 industrial engineering & automationArtificial IntelligenceServer0202 electrical engineering electronic engineering information engineeringMalware020201 artificial intelligence & image processingData miningcomputerHost (network)Block (data storage)Expert Systems with Applications
researchProduct

Toward Optimal LSTM Neural Networks for Detecting Algorithmically Generated Domain Names

2021

Malware detection is a problem that has become particularly challenging over the last decade. A common strategy for detecting malware is to scan network traffic for malicious connections between infected devices and their command and control (C&C) servers. However, malware developers are aware of this detection method and begin to incorporate new strategies to go unnoticed. In particular, they generate domain names instead of using static Internet Protocol addresses or regular domain names pointing to their C&C servers. By using a domain generation algorithm, the effectiveness of the blacklisting of domains is reduced, as the large number of domain names that must be blocked g…

Feature engineeringGeneral Computer ScienceArtificial neural networkComputer sciencebusiness.industrymalwareDeep learningGeneral EngineeringDeep learningdomain generation algorithmscomputer.software_genreBlacklistDomain (software engineering)TK1-9971ServerMalwareGeneral Materials ScienceNetwork performanceArtificial intelligenceData miningElectrical engineering. Electronics. Nuclear engineeringbusinessLSTMcomputerIEEE Access
researchProduct

Domain Generation Algorithm Detection Using Machine Learning Methods

2018

A botnet is a network of private computers infected with malicious software and controlled as a group without the knowledge of the owners. Botnets are used by cybercriminals for various malicious activities, such as stealing sensitive data, sending spam, launching Distributed Denial of Service (DDoS) attacks, etc. A Command and Control (C&C) server sends commands to the compromised hosts to execute those malicious activities. In order to avoid detection, recent botnets such as Conficker, Zeus, and Cryptolocker apply a technique called Domain-Fluxing or Domain Name Generation Algorithms (DGA), in which the infected bot periodically generates and tries to resolve a large number of pseudorando…

Pseudorandom number generatorDomain generation algorithmAlphanumericComputer sciencebusiness.industryDomain Name SystemComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKSBotnetDenial-of-service attackMachine learningcomputer.software_genreComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMSCryptoLockerMalwareArtificial intelligencebusinesscomputer
researchProduct