Machine learning-based algorithmically generated domain detection. (May 2022)
- Record Type:
- Journal Article
- Title:
- Machine learning-based algorithmically generated domain detection. (May 2022)
- Main Title:
- Machine learning-based algorithmically generated domain detection
- Authors:
- Wang, Zheng
Guo, Yang
Montgomery, Doug
- Abstract:
- Malware like botnets typically uses domain generation algorithms (DGAs) to dynamically produce a large number of random algorithmically generated domains (AGDs) and use a few of them to communicate with the command and control servers. AGD detection provides a lightweight yet effective solution to the threats imposed by DGA-based malware. For example, the linguistic distance between domain names was found as the promising metric to identify AGDs from benign domains. However, the distance metrics are not informatively enough used by the conventional approach. We propose to use machine learning algorithms on the distance metrics. Feature engineering techniques are proposed to boost detection performance. The results show that our proposal can outperform the existing algorithms, with a detection accuracy of over 99% for the tested DGAs. The permutation feature importance analysis is presented for explainability. The deployment locations of the AGD detectors are discussed.
Highlights:
Machine learning-based algorithmically generated domain detection is proposed.
The proposals are validated in comparison with the existing methods and algorithms.
Permutation feature importance is analyzed for the proposed feature set.
- Is Part Of:
- Computers & electrical engineering. Volume 100(2022)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 100(2022)
- Issue Display:
- Volume 100, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 100
- Issue:
- 2022
- Issue Sort Value:
- 2022-0100-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-05
- Subjects:
- Domain generation algorithm -- Malware detection -- Machine learning -- Feature engineering -- Classification
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.compeleceng.2022.107841
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 21753.xml