A dictionary-based method for detecting machine-generated domains. Issue 4 (4th July 2021)
- Record Type:
- Journal Article
- Title:
- A dictionary-based method for detecting machine-generated domains. Issue 4 (4th July 2021)
- Main Title:
- A dictionary-based method for detecting machine-generated domains
- Authors:
- Wang, Tianyu
Chen, Li-Chiou
Genc, Yegin
- Abstract:
- ABSTRACT: Internet robots, also known as bots, have transformed the businesses and society with convenience. However, the dynamics of these interactions could be under adversarial circumstances with detrimental effects on network security. Bots that use domain-generation algorithms (DGAs) can generate many random domains dynamically so that static domain blacklists become ineffective in preventing malicious attacks by botnets. Various families of recent botnets have used DGA to establish communication with the bots. Researchers have introduced various detection methods with moderate success. Methods proposed so far either detect only DGAs that use non-variations forms or focus on the classification accuracy instead of time complexity, which would be critical in real-world production. The goal of this article is to explore how machine learning can help in detecting machine-generated domain names. To that end, we propose a dictionary-based n-gram method that can detect 39 DGA variations. We compared our method with existing research and found that our method can improve the performance of the existing classification algorithms. At last, our method can achieve competitive results as the LSTM model while requiring less time and complexity. Our research helps real-time production for DGA detection and provides insight in protecting DNS server and information security.
- Is Part Of:
- Information security journal. Volume 30:Issue 4(2021)
- Journal:
- Information security journal
- Issue:
- Volume 30:Issue 4(2021)
- Issue Display:
- Volume 30, Issue 4 (2021)
- Year:
- 2021
- Volume:
- 30
- Issue:
- 4
- Issue Sort Value:
- 2021-0030-0004-0000
- Page Start:
- 205
- Page End:
- 218
- Publication Date:
- 2021-07-04
- Subjects:
- Network security -- botnet -- domain names -- classification algorithms -- machine learning
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.tandfonline.com/toc/uiss20/current
http://www.tandf.co.uk/journals/titles/19393555.asp
http://www.tandfonline.com/
- DOI:
- 10.1080/19393555.2020.1834650
- Languages:
- English
- ISSNs:
- 1939-3555
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4494.315500
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 18508.xml