A machine learning framework for domain generating algorithm based malware detection

Real‐time detection of domain names that are generated using the domain generating algorithms (DGA) is a challenging cyber security challenge. Traditional malware control methods, such as blacklisting, are insufficient to handle DGA threats. In this paper, a machine learning framework for identifyin...

Bibliographic details
Published in: Security and privacy 2020-11, Vol.3 (6), p.n/a
Main authors: G. P., Akhila, R., Gayathri, S., Keerthana, Gladston, Angelin
Format: Article
Language: eng
Online access: Full text
container_end_page n/a
container_issue 6
container_start_page
container_title Security and privacy
container_volume 3
creator G. P., Akhila
R., Gayathri
S., Keerthana
Gladston, Angelin
description Real‐time detection of domain names that are generated using the domain generating algorithms (DGA) is a challenging cyber security challenge. Traditional malware control methods, such as blacklisting, are insufficient to handle DGA threats. In this paper, a machine learning framework for identifying and detecting DGA domains is proposed to alleviate the threat. The proposed machine learning framework consists of a two‐level model. In the two‐level model, the DGA domains are classified apart from normal domains and then the clustering method is used to identify the algorithms that generate those DGA domains.
doi_str_mv 10.1002/spy2.127
format Article
eissn 2475-6725
publisher Boston, USA: Wiley Periodicals, Inc
rights 2020 John Wiley & Sons Ltd
lds50 peer_reviewed
oa free_for_read
orcidid https://orcid.org/0000-0003-3899-2474
genre article
ristype JOUR
date 2020-11
tpages 16
fulltext fulltext
identifier ISSN: 2475-6725
ispartof Security and privacy, 2020-11, Vol.3 (6), p.n/a
issn 2475-6725
2475-6725
language eng
recordid cdi_crossref_primary_10_1002_spy2_127
source Access via Wiley Online Library
subjects density‐based spatial clustering of applications with noise
DGA
gradient boosting tree
J48
Jaccard‐index
logistic regression
machine learning
malware
n‐grams entropy ordering points to identify the clustering
title A machine learning framework for domain generating algorithm based malware detection
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T00%3A14%3A27IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-wiley_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20machine%20learning%20framework%20for%20domain%20generating%20algorithm%20based%20malware%20detection&rft.jtitle=Security%20and%20privacy&rft.au=G.%20P.,%20Akhila&rft.date=2020-11&rft.volume=3&rft.issue=6&rft.epage=n/a&rft.issn=2475-6725&rft.eissn=2475-6725&rft_id=info:doi/10.1002/spy2.127&rft_dat=%3Cwiley_cross%3ESPY2127%3C/wiley_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true