A machine learning framework for domain generating algorithm based malware detection

Bibliographic details
Published in: Security and privacy 2020-11, Vol.3 (6), p.n/a
Main authors: G. P., Akhila, R., Gayathri, S., Keerthana, Gladston, Angelin
Format: Article
Language: eng
Description
Summary: Real‐time detection of domain names that are generated using the domain generating algorithms (DGA) is a challenging cyber security challenge. Traditional malware control methods, such as blacklisting, are insufficient to handle DGA threats. In this paper, a machine learning framework for identifying and detecting DGA domains is proposed to alleviate the threat. The proposed machine learning framework consists of a two‐level model. In the two‐level model, the DGA domains are classified apart from normal domains and then the clustering method is used to identify the algorithms that generate those DGA domains.
ISSN:2475-6725
DOI:10.1002/spy2.127