Early Detection of Spam Domains with Passive DNS and SPF

Fernández, Simón Peña; Korczyński, Maciej; Duda, Andrzej

doi:10.1007/978-3-030-98785-5_2

Cited by 2 publications

(3 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the authors don’t train for malicious domains that are conceptually unknown and have never been seen in the field by malware analysts, tools, or specialists. Newer research on identifying fraudulent websites with the use of DNS properties may be found in [ 30 , 38 , 39 , 40 , 41 , 42 , 43 , 44 , 45 , 46 , 47 ].…”

Section: State Of the Artmentioning

confidence: 99%

“…QCLASS is a two-octet code that specifies the class of the query, e.g., internet addresses. Table 1 shows a record for the used dataset (17 feature vector per URL) [ 36 , 37 , 38 , 39 , 40 , 41 , 42 , 43 , 44 , 45 ].…”

Section: Proposed Malicious Url Detection Modelmentioning

confidence: 99%

“…QCLASS is a two-octet code that specifies the class of the query, e.g., internet addresses. Table 1 shows a record for the used dataset (17 feature vector per URL) [36][37][38][39][40][41][42][43][44][45]. Step 4: Feature Selection Using Genetic Algorithm…”

Section: Training Phasementioning

confidence: 99%

See 2 more Smart Citations

Building an Effective Classifier for Phishing Web Pages Detection: A Quantum-Inspired Biomimetic Paradigm Suitable for Big Data Analytics of Cyber Attacks

Darwish,

Farhan,

Elzoghabi

2023

Biomimetics

View full text Add to dashboard Cite

To combat malicious domains, which serve as a key platform for a wide range of attacks, domain name service (DNS) data provide rich traces of Internet activities and are a powerful resource. This paper presents new research that proposes a model for finding malicious domains by passively analyzing DNS data. The proposed model builds a real-time, accurate, middleweight, and fast classifier by combining a genetic algorithm for selecting DNS data features with a two-step quantum ant colony optimization (QABC) algorithm for classification. The modified two-step QABC classifier uses K-means instead of random initialization to place food sources. In order to overcome ABCs poor exploitation abilities and its convergence speed, this paper utilizes the metaheuristic QABC algorithm for global optimization problems inspired by quantum physics concepts. The use of the Hadoop framework and a hybrid machine learning approach (K-mean and QABC) to deal with the large size of uniform resource locator (URL) data is one of the main contributions of this paper. The major point is that blacklists, heavyweight classifiers (those that use more features), and lightweight classifiers (those that use fewer features and consume the features from the browser) may all be improved with the use of the suggested machine learning method. The results showed that the suggested model could work with more than 96.6% accuracy for more than 10 million query–answer pairs.

show abstract