An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots
-
- SATOH Akihiro
- Kyushu Institute of Technology
-
- NAKAMURA Yutaka
- Kyushu Institute of Technology
-
- FUKUDA Yutaka
- Kyushu Institute of Technology
-
- NOBAYASHI Daiki
- Kyushu Institute of Technology
-
- IKENAGA Takeshi
- Kyushu Institute of Technology
Search this article
Abstract
<p>Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.</p>
Journal
-
- IEICE Transactions on Information and Systems
-
IEICE Transactions on Information and Systems E104.D (5), 669-672, 2021-05-01
The Institute of Electronics, Information and Communication Engineers
- Tweet
Details
-
- CRID
- 1390569382246445952
-
- NII Article ID
- 130008032867
-
- NII Book ID
- AA10826272
-
- ISSN
- 17451361
- 09168532
-
- HANDLE
- 10228/00008235
-
- Text Lang
- en
-
- Data Source
-
- JaLC
- IRDB
- Crossref
- CiNii Articles
-
- Abstract License Flag
- Disallowed