A Machine Learning Framework for Domain Generation Algorithm (DGA)-Based Malware Detection
2019
IEEE Access
In this paper, we propose a machine learning framework for identifying and detecting DGA domains to alleviate the threat. ...
We also propose a deep learning model to classify a large number of DGA domains. The proposed machine learning framework consists of a two-level model and a prediction model. ...
Anti-malware softwares have been widely used in enterprises for a long time since they can provide some level of security on computer networks and systems to detect and mitigate malware attacks. ...
doi:10.1109/access.2019.2891588
fatcat:7lakz43wkvgdtgp6vy3fdsqqvm
Malicious Domain Detection Based on Machine Learning
2018
DEStech Transactions on Computer Science and Engineering
At present, malicious domain detection, especially malicious domain detection based on machine learning, is one of the research hotspot in network security field. ...
In the end, we also explore some potential future issues in malicious domain detection research. ...
In general, they use machine learning methods to extract features, and establish the classification model to detect. ...
doi:10.12783/dtcse/iceit2017/19866
fatcat:75wt7lq5zbct3elgcs7lbclo4e
ScaleNet: Scalable and Hybrid Framework for Cyber Threat Situational Awareness Based on DNS, URL, and Email Data Analysis
2018
Journal of Cyber Security and Mobility
Deep learning is a machine learning technique largely used by researchers in recent days. It avoids feature engineering which served as a critical step for conventional machine learning algorithms. ...
Still, additional domain level features can be defined for deep learning methods in NLP tasks to enhance the performance. The cyber security events considered in this study are surrounded by texts. ...
We are grateful to NVIDIA India, for the GPU hardware support to research grant. We are also grateful to Computational Engineering and Networking (CEN) department for encouraging the research. ...
doi:10.13052/jcsm2245-1439.823
fatcat:dpsz7dfa2bhufg2fljdafxt2zi
Domain Name System Security and Privacy: A Contemporary Survey
[article]
2020
arXiv
pre-print
The domain name system (DNS) is one of the most important components of today's Internet, and is the standard naming convention between human-readable domain names and machine-routable IP addresses of ...
In order to comprehensively understand the root causes of the vulnerabilities of DNS, it is mandatory to review the various activities in the research community on DNS landscape. ...
name, Sub-domain depth, etc. with machine learning algorithms is proposed. ...
arXiv:2006.15277v1
fatcat:loknouehirdhvdgztkevi27vse
Encrypted and Covert DNS Queries for Botnets: Challenges and Countermeasures
2019
Computers & security
A typical approach to evade the identification and potential takedown of a botnet command and control server is domain fluxing through the use of Domain Generation Algorithms (DGAs). ...
In this work, we showcase that the latter is a strong assumption as malware could efficiently hide its DNS queries using covert and/or encrypted channels bypassing the detection mechanisms. ...
Responsibility for the information and views expressed therein lies entirely with the authors. ...
doi:10.1016/j.cose.2019.101614
fatcat:e4dxvp2hbrclla4fxtdvhx5yni
Detection of DGA-Generated Domain Names with TF-IDF
2022
Electronics
We first present an extensive literature review on recent prior work in which machine learning and deep learning have been applied for detecting DGA-generated domain names. ...
In this paper, we address how DGA-generated domain names can be detected by means of machine learning and deep learning. ...
Acknowledgments: We kindly thank IT and Facility Services at Open Universiteit and SURF for providing the compute servers for performing our experiments. ...
doi:10.3390/electronics11030414
fatcat:ykcmtt6v2fdz5lhvntgbdwfdta
MaskDGA: A Black-box Evasion Technique Against DGA Classifiers and Adversarial Defenses
[article]
2019
arXiv
pre-print
Recent publications presented deep learning, character-level classifiers that are able to detect algorithmically generated domain (AGD) names with high accuracy, and correspondingly, significantly reduce ...
In this paper we present MaskDGA, a practical adversarial learning technique that adds perturbation to the character-level representation of algorithmically generated domain names in order to evade DGA ...
Additionally, the authors would like to thank R Vinayakumar for sharing the DMD-2018 dataset that was used in this study. ...
arXiv:1902.08909v1
fatcat:voeypnfegjgzrd7vykobacpyim
Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation
2021
Mathematical Problems in Engineering
It focuses on the application of advanced technologies such as deep learning, complex network, swarm intelligence, moving target defense (MTD), and software-defined network (SDN) for botnet detection. ...
Combing with expert scores and objective weights, this survey proposes quantitative evaluation and gives a visual representation for typical detection methods. ...
Deep learning ImageNet model was used to classify domain names generated by DGA [61].
RNN. ...
doi:10.1155/2021/6640499
fatcat:hkafnnj2cnbzjdbuk6iel3b5cm
Artificial Intelligence in the Cyber Domain: Offense and Defense
2020
Symmetry
In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. ...
However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. ...
In a recent study [58], the authors utilized IF-TF for a DGA and DNS covert channel detection system based machine learning. ...
doi:10.3390/sym12030410
fatcat:7gyse3gaxjguhgkvfnbi7knkf4
Survey Paper on APT Malware Identification using Malicious DNS and Traffic Analysis
2015
International Journal of Science and Research (IJSR)
Malware APT can attack remote machine and infect it. After that it can get the personal information. Using DNS one can find malware in command and control servers (C&C). ...
In the system we will do the malicious DNS analysis and find the suspicious APT malware. Further to that we analyze the suspicious IP traffic based on anomaly and signature detection innovation. ...
For identify malicious domains that involved in APT malware activity is a challenge. The crafted malware in APT attack do not use DGA domains or malicious flux service. ...
doi:10.21275/v4i12.nov151928
fatcat:enm6ckxw4nc2jew4pjn7yxy27u
deMSF: a Method for Detecting Malicious Server Flocks for Same Campaign
2020
EAI Endorsed Transactions on Security and Safety
As the necessary role infrastructures play, many approaches have been proposed to detect malicious servers. ...
Nowadays, cybercriminals tend to leverage dynamic malicious infrastructures with multiple servers to conduct attacks, such as malware distribution and control. ...
[6] develope a representation learning model named Asm2Vec to construct feature vectors for assembly code. ...
doi:10.4108/eai.21-6-2021.170236
fatcat:dm5zlb3ycva3ldrxtactgrbvhm
A Survey on Malicious Domains Detection through DNS Data Analysis
2018
ACM Computing Surveys
Malicious domains are one of the major resources required for adversaries to run attacks over the Internet. ...
We describe a general framework of malicious domain detection techniques using DNS data. ...
Supervised and semi-supervised detection algorithms rely on known malicious and benign domains to train a machine learning model and tune important parameters. ...
doi:10.1145/3191329
fatcat:lbtstk4zirabxiixxrqtv5oehi
Less is More: Robust and Novel Features for Malicious Domain Detection
[article]
2020
arXiv
pre-print
Since machine learning has become one of the most prominent methods of malware detection, A robust feature selection mechanism is proposed that results in malicious domain detection models that are resistant ...
Specifically, many types of current cyber attacks use URLs for attack communications (e.g., C&C, phishing, and spear-phishing). ...
[56] proposed a machine learning methodology to detect malicious domain names using the Extreme Learning Machine (ELM) [27] which is closest to the one employed here. ...
arXiv:2006.01449v1
fatcat:lctx65q5ozcntos2kmq7qwpbi4
Demystifying the Transferability of Adversarial Attacks in Computer Networks
[article]
2022
arXiv
pre-print
Then, we perform these attacks against three well-known datasets: the Network-based Detection of IoT (N-BaIoT) dataset, the Domain Generating Algorithms (DGA) dataset, and the RIPE Atlas dataset. ...
Convolutional Neural Networks (CNNs) models are one of the most frequently used deep learning networks, and extensively used in both academia and industry. ...
DNs (Domain Names). ...
arXiv:2110.04488v3
fatcat:ppfeznlqzfhnddin3fctp2b35a
Practical Attacks Against Graph-based Clustering
[article]
2017
arXiv
pre-print
Our work highlights areas in adversarial machine learning that have not yet been addressed, specifically: graph-based clustering techniques, and a global feature space where realistic attackers without ...
We design and evaluate two novel graph attacks against a state-of-the-art network-level, graph-based detection system. ...
ACKNOWLEDGMENTS We thank our anonymous reviewers for their invaluable feedback, and Dr. Rosa Romero-Gómez for her help in visualization. ...
arXiv:1708.09056v1
fatcat:eirhmtvlvjckdh35qvfnwfhg54