2020
DOI: 10.1109/ojcoms.2020.3038704

A Superficial Analysis Approach for Identifying Malicious Domain Names Generated by DGA Malware

Abstract: Some of the most serious security threats facing computer networks involve malware. To prevent malware-related damage, administrators must swiftly identify and remove the infected machines that may reside in their networks. However, many malware families have domain generation algorithms (DGAs) to avoid detection. A DGA is a technique in which the domain name is changed frequently to hide the callback communication from the infected machine to the command-and-control server. In this paper, we propose an approa…

Cited by 9 publications
(5 citation statements)
References 38 publications
“…Satoh et al [52] filter benign domain names using whitelists, select the longest subdomain and split it into words using dictionaries, and estimate the randomness of character strings. To compensate for deficiencies of the dictionaries, they also estimate the randomness of a subdomain by referring to web search results.…”
Section: Other Methods (mentioning)
confidence: 99%
“…A Superficial Analysis Approach is proposed for estimating the randomness of domain names by superficially analyzing their character strings in [19]. The following observations underpin this strategy: The goal of human-generated benign domain names, such as an organisation, product, or material, tends to reflect the intent of their domain registrants. Because conflicts with existing registered domain names must be avoided, dynamically created harmful domain names consist of nonsensical character strings; thus, there are observable discrepancies in the strings of dynamically generated and human-made domain names. Previous research has recommended the use of randomization to aid malware detection; however, this approach distinguishes between benign and malicious domains using simply the character string of the domain name and does not require any prior knowledge of DGAs. This strategy's unique features have secured three tiers of effectiveness.…”
Section: Literature Survey (mentioning)
confidence: 99%
“…Cybercrime is predicted to skyrocket to become an over $23.8 trillion industry by 2027 [1]. A hack attack occurs every 39 seconds, and about 300,000 new malwares are created daily [2]. By 2025, ~75 billion devices will be connected to the Internet [3].…”
Section: Introduction (mentioning)
confidence: 99%