Detecting malware based on expired command-and-control traffic. (July 2017)
- Record Type:
- Journal Article
- Title:
- Detecting malware based on expired command-and-control traffic. (July 2017)
- Main Title:
- Detecting malware based on expired command-and-control traffic
- Authors:
- Zou, Futai
Zhang, Siyu
Li, Linsen
Pan, Li
Li, Jianhua
- Abstract:
- In this article, we analyze the behavioral characteristics of domain name service queries produced by programs and then design an algorithm to detect malware with expired command-and-control domains based on the key feature of domain name service traffic, that is, repeatedly querying a domain at a fixed interval. In total, 3027 malware command-and-control domains in the network traffic of Shanghai Jiao Tong University, affecting 249 hosts, were successfully detected, with a high precision of 92.0%. This algorithm can find those malware with expired command-and-control domains that are usually ignored by current research and would have important value for eliminating network security risks and improving the network security environment.
- Is Part Of:
- International journal of distributed sensor networks. Volume 13:Number 7(2017)
- Journal:
- International journal of distributed sensor networks
- Issue:
- Volume 13:Number 7(2017)
- Issue Display:
- Volume 13, Issue 7 (2017)
- Year:
- 2017
- Volume:
- 13
- Issue:
- 7
- Issue Sort Value:
- 2017-0013-0007-0000
- Page Start:
- Page End:
- Publication Date:
- 2017-07
- Subjects:
- Malware detection -- expired command-and-control -- domain name system -- time sequence analysis
Sensor networks -- Periodicals
Intelligent agents (Computer software) -- Periodicals
Multisensor data fusion -- Periodicals
681.2
- Journal URLs:
- http://www.informaworld.com/smpp/title~content=t714578688~db=all
http://www.metapress.com/openurl.asp?genre=journal&issn=1550-1329
http://dsn.sagepub.com/
http://www.tandfonline.com/
- DOI:
- 10.1177/1550147717720791
- Languages:
- English
- ISSNs:
- 1550-1329
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4542.186400
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 8234.xml