Algorithmically generated malicious domain names detection based on n-grams features

Authors:

Highlights:

• Identification of a botnet command and control server through DNS requests analysis.

• Focus on Domain name Generation Algorithms (DGAs).

• Use of a Machine Learning Classifier for malicious domain names detection.

• Domain names characterization through lexical features (n-grams based).

• Classification based on the Kullback-Leibler divergence and Jaccard Index metrics.


Keywords: Domain generation algorithm, Botnet, Machine learning, DNS query, Kullback-Leibler divergence, Jaccard Index

Review history: Received 19 March 2020, Revised 26 December 2020, Accepted 26 December 2020, Available online 30 December 2020, Version of Record 7 February 2021.

Paper URL: https://doi.org/10.1016/j.eswa.2020.114551