An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots

An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots

Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we prop...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEICE Transactions on Information and Systems 2021/05/01, Vol.E104.D(5), pp.669-672
Hauptverfasser: SATOH, Akihiro, NAKAMURA, Yutaka, FUKUDA, Yutaka, NOBAYASHI, Daiki, IKENAGA, Takeshi
Format: Artikel
Sprache:eng
Schlagworte:
Computer networks
dga bot
Dictionaries
dictionary-based domain generation algorithm
domain name
Domain names
network security
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.
ISSN:0916-8532
1745-1361
DOI:10.1587/transinf.2020NTL0001