2021
DOI: 10.3390/electronics10091039

A Word-Level Analytical Approach for Identifying Malicious Domain Names Caused by Dictionary-Based DGA Malware

Abstract: Computer networks are facing serious threats from the emergence of malware with sophisticated DGAs (Domain Generation Algorithms). This type of DGA malware dynamically generates domain names by concatenating words from dictionaries for evading detection. In this paper, we propose an approach for identifying the callback communications of such dictionary-based DGA malware by analyzing their domain names at the word level. This approach is based on the following observations: These malware families use their own…

Citations: cited by 7 publications (3 citation statements)
References: 38 publications
“…The character-level similarities between dynamically generated domain names and human-produced domain names were the key challenge to address; modelling based on these similarities is unlikely to be good enough to detect dict-DGA malware. As a result, [20] suggested a method for detecting fraudulent domain names at the word level by examining their character strings. The goal of this work was to identify dynamically produced domains from huge DNS queries in order to detect dict-DGA malware callbacks. The suggested method, which consists of four steps. They are feature-vector based identification, word segmentation, noise reduction, and word graph generation.…”
Section: Literature Survey (mentioning)
confidence: 99%
“…Only analyze the character string behaviour [20] Word graph method This model takes longer computational time in large scale networks. [34] Behavior analysis The process is long time taking one.…”
Section: Data Collection (mentioning)
confidence: 99%
“…e other is to use relevant algorithms such as neural networks in machine learning or their improved algorithms to realize the automatic extraction of character-level features of domain name data and subsequent analysis, processing, and discrimination [3][4][5].…”
Section: Introduction (mentioning)
confidence: 99%