A Machine Learning Framework for Domain Generation Algorithm (DGA)-Based Malware Detection

Yi Li, Kaiqi Xiong, Tommy Chin, Chengbin Hu
2019 IEEE Access  
In this paper, we propose a machine learning framework for identifying and detecting DGA domains to alleviate the threat.  ...  We also propose a deep learning model to classify a large number of DGA domains. The proposed machine learning framework consists of a two-level model and a prediction model.  ...  Anti-malware software has been widely used in enterprises for a long time since it can provide some level of security on computer networks and systems to detect and mitigate malware attacks.  ... 
doi:10.1109/access.2019.2891588 fatcat:7lakz43wkvgdtgp6vy3fdsqqvm

Malicious Domain Detection Based on Machine Learning

YI-DA YAN, ZHEN-YAN LIU, JUN-WEI ZHONG, DU CHENG, JING-FENG XUE, YONG WANG
2018 DEStech Transactions on Computer Science and Engineering  
At present, malicious domain detection, especially malicious domain detection based on machine learning, is one of the research hotspots in the network security field.  ...  In the end, we also explore some potential future issues in malicious domain detection research.  ...  In general, they use machine learning methods to extract features, and establish the classification model to detect.  ... 
doi:10.12783/dtcse/iceit2017/19866 fatcat:75wt7lq5zbct3elgcs7lbclo4e

ScaleNet: Scalable and Hybrid Framework for Cyber Threat Situational Awareness Based on DNS, URL, and Email Data Analysis

R. Vinayakumar, K. P. Soman, Prabaharan Poornachandran, Vysakh S. Mohan, Amara Dinesh Kumar
2018 Journal of Cyber Security and Mobility  
Deep learning is a machine learning technique largely used by researchers in recent days. It avoids feature engineering which served as a critical step for conventional machine learning algorithms.  ...  Still, additional domain level features can be defined for deep learning methods in NLP tasks to enhance the performance. The cyber security events considered in this study are surrounded by texts.  ...  We are grateful to NVIDIA India, for the GPU hardware support to research grant. We are also grateful to Computational Engineering and Networking (CEN) department for encouraging the research.  ... 
doi:10.13052/jcsm2245-1439.823 fatcat:dpsz7dfa2bhufg2fljdafxt2zi

Domain Name System Security and Privacy: A Contemporary Survey [article]

Aminollah Khormali, Jeman Park, Hisham Alasmary, Afsah Anwar, David Mohaisen
2020 arXiv   pre-print
The domain name system (DNS) is one of the most important components of today's Internet, and is the standard naming convention between human-readable domain names and machine-routable IP addresses of  ...  In order to comprehensively understand the root causes of the vulnerabilities of DNS, it is mandatory to review the various activities in the research community on DNS landscape.  ...  name, Sub-domain depth, etc. with machine learning algorithms is proposed.  ... 
arXiv:2006.15277v1 fatcat:loknouehirdhvdgztkevi27vse

Encrypted and Covert DNS Queries for Botnets: Challenges and Countermeasures

Constantinos Patsakis, Fran Casino, Vasilios Katos
2019 Computers & security  
A typical approach to evade the identification and potential takedown of a botnet command and control server is domain fluxing through the use of Domain Generation Algorithms (DGAs).  ...  In this work, we showcase that the latter is a strong assumption as malware could efficiently hide its DNS queries using covert and/or encrypted channels bypassing the detection mechanisms.  ...  Responsibility for the information and views expressed therein lies entirely with the authors.  ... 
doi:10.1016/j.cose.2019.101614 fatcat:e4dxvp2hbrclla4fxtdvhx5yni

Detection of DGA-Generated Domain Names with TF-IDF

Harald Vranken, Hassan Alizadeh
2022 Electronics  
We first present an extensive literature review on recent prior work in which machine learning and deep learning have been applied for detecting DGA-generated domain names.  ...  In this paper, we address how DGA-generated domain names can be detected by means of machine learning and deep learning.  ...  Acknowledgments: We kindly thank IT and Facility Services at Open Universiteit and SURF for providing the compute servers for performing our experiments.  ... 
doi:10.3390/electronics11030414 fatcat:ykcmtt6v2fdz5lhvntgbdwfdta

MaskDGA: A Black-box Evasion Technique Against DGA Classifiers and Adversarial Defenses [article]

Lior Sidi, Asaf Nadler, Asaf Shabtai
2019 arXiv   pre-print
Recent publications presented deep learning, character-level classifiers that are able to detect algorithmically generated domain (AGD) names with high accuracy, and correspondingly, significantly reduce  ...  In this paper we present MaskDGA, a practical adversarial learning technique that adds perturbation to the character-level representation of algorithmically generated domain names in order to evade DGA  ...  Additionally, the authors would like to thank R Vinayakumar for sharing the DMD-2018 dataset that was used in this study.  ... 
arXiv:1902.08909v1 fatcat:voeypnfegjgzrd7vykobacpyim

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

Ying Xing, Hui Shu, Hao Zhao, Dannong Li, Li Guo, Jude Hemanth
2021 Mathematical Problems in Engineering  
It focuses on the application of advanced technologies such as deep learning, complex network, swarm intelligence, moving target defense (MTD), and software-defined network (SDN) for botnet detection.  ...  Combing with expert scores and objective weights, this survey proposes quantitative evaluation and gives a visual representation for typical detection methods.  ...  Deep learning ImageNet model was used to classify domain names generated by DGA [61]. RNN.  ... 
doi:10.1155/2021/6640499 fatcat:hkafnnj2cnbzjdbuk6iel3b5cm

Artificial Intelligence in the Cyber Domain: Offense and Defense

Thanh Cong Truong, Quoc Bao Diep, Ivan Zelinka
2020 Symmetry  
In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack.  ...  However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes.  ...  In a recent study [58], the authors utilized IF-TF for a DGA and DNS covert channel detection system based machine learning.  ... 
doi:10.3390/sym12030410 fatcat:7gyse3gaxjguhgkvfnbi7knkf4

Survey Paper on APT Malware Identification using Malicious DNS and Traffic Analysis

2015 International Journal of Science and Research (IJSR)  
APT malware can attack a remote machine and infect it. After that it can get the personal information. Using DNS one can find malware in command and control servers (C&C).  ...  In the system we will do the malicious DNS analysis and find the suspicious APT malware. Further to that we analyze the suspicious IP traffic based on anomaly and signature detection innovation.  ...  Identifying malicious domains that are involved in APT malware activity is a challenge. The crafted malware in an APT attack does not use DGA domains or malicious flux services.  ... 
doi:10.21275/v4i12.nov151928 fatcat:enm6ckxw4nc2jew4pjn7yxy27u

deMSF: a Method for Detecting Malicious Server Flocks for Same Campaign

Yixin Li, Liming Wang, Jing Yang, Zhen Xu, Xi Luo
2020 EAI Endorsed Transactions on Security and Safety  
As the necessary role infrastructures play, many approaches have been proposed to detect malicious servers.  ...  Nowadays, cybercriminals tend to leverage dynamic malicious infrastructures with multiple servers to conduct attacks, such as malware distribution and control.  ...  [6] develop a representation learning model named Asm2Vec to construct feature vectors for assembly code.  ... 
doi:10.4108/eai.21-6-2021.170236 fatcat:dm5zlb3ycva3ldrxtactgrbvhm

A Survey on Malicious Domains Detection through DNS Data Analysis

Yury Zhauniarovich, Issa Khalil, Ting Yu, Marc Dacier
2018 ACM Computing Surveys  
Malicious domains are one of the major resources required for adversaries to run attacks over the Internet.  ...  We describe a general framework of malicious domain detection techniques using DNS data.  ...  Supervised and semi-supervised detection algorithms rely on known malicious and benign domains to train a machine learning model and tune important parameters.  ... 
doi:10.1145/3191329 fatcat:lbtstk4zirabxiixxrqtv5oehi

Less is More: Robust and Novel Features for Malicious Domain Detection [article]

Chen Hajaj, Nitay Hason, Nissim Harel, Amit Dvir
2020 arXiv   pre-print
Since machine learning has become one of the most prominent methods of malware detection, a robust feature selection mechanism is proposed that results in malicious domain detection models that are resistant  ...  Specifically, many types of current cyber attacks use URLs for attack communications (e.g., C&C, phishing, and spear-phishing).  ...  [56] proposed a machine learning methodology to detect malicious domain names using the Extreme Learning Machine (ELM) [27] which is closest to the one employed here.  ... 
arXiv:2006.01449v1 fatcat:lctx65q5ozcntos2kmq7qwpbi4

Demystifying the Transferability of Adversarial Attacks in Computer Networks [article]

Ehsan Nowroozi, Yassine Mekdad, Mohammad Hajian Berenjestanaki, Mauro Conti, Abdeslam EL Fergougui
2022 arXiv   pre-print
Then, we perform these attacks against three well-known datasets: the Network-based Detection of IoT (N-BaIoT) dataset, the Domain Generating Algorithms (DGA) dataset, and the RIPE Atlas dataset.  ...  Convolutional Neural Networks (CNNs) models are one of the most frequently used deep learning networks, and extensively used in both academia and industry.  ...  DNs (Domain Names).  ... 
arXiv:2110.04488v3 fatcat:ppfeznlqzfhnddin3fctp2b35a

Practical Attacks Against Graph-based Clustering [article]

Yizheng Chen, Yacin Nadji, Athanasios Kountouras, Fabian Monrose, Roberto Perdisci, Manos Antonakakis, Nikolaos Vasiloglou
2017 arXiv   pre-print
Our work highlights areas in adversarial machine learning that have not yet been addressed, specifically: graph-based clustering techniques, and a global feature space where realistic attackers without  ...  We design and evaluate two novel graph attacks against a state-of-the-art network-level, graph-based detection system.  ...  ACKNOWLEDGMENTS We thank our anonymous reviewers for their invaluable feedback, and Dr. Rosa Romero-Gómez for her help in visualization.  ... 
arXiv:1708.09056v1 fatcat:eirhmtvlvjckdh35qvfnwfhg54