DGA-Based Botnet Detection Using DNS Traffic

Download Now
Provided by: Innovative Information Science & Technology Research Group (ISYOU)
Topic: Security
Format: PDF
In recent years, an increasing number of botnets use Domain Generation Algorithms (DGAs) to bypass botnet detection systems. DGAs, also referred as \"Domain fluxing\", has been used since 2004 for botnet controllers, and now become an emerging trend for malware. It can dynamically and frequently generate a large number of random domain names which are used to prevent security systems from detecting and blocking. In this paper, the authors present a new technique to detect DGAs using DNS NXDomain traffic.
Download Now

Find By Topic