A machine learning framework for domain generating algorithm based malware detection
Real‐time detection of domain names that are generated using the domain generating algorithms (DGA) is a challenging cyber security challenge. Traditional malware control methods, such as blacklisting, are insufficient to handle DGA threats. In this paper, a machine learning framework for identifyin...
Gespeichert in:
Veröffentlicht in: | Security and privacy 2020-11, Vol.3 (6), p.n/a |
---|---|
Hauptverfasser: | , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Real‐time detection of domain names that are generated using the domain generating algorithms (DGA) is a challenging cyber security challenge. Traditional malware control methods, such as blacklisting, are insufficient to handle DGA threats. In this paper, a machine learning framework for identifying and detecting DGA domains is proposed to alleviate the threat. The proposed machine learning framework consists of a two‐level model. In the two‐level model, the DGA domains are classified apart from normal domains and then the clustering method is used to identify the algorithms that generate those DGA domains. |
---|---|
ISSN: | 2475-6725 2475-6725 |
DOI: | 10.1002/spy2.127 |