From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware

Provided by: University of Genova
Topic: Security
Format: PDF
Many botnet detection systems employ a blacklist of known Command and Control (C&C) domains to detect bots and block their traffic. Similar to signature-based virus detection, such a botnet detection approach is static because the blacklist is updated only after running an external (and often manual) process of domain discovery. As a response, botmasters have begun employing Domain Generation Algorithms (DGAs) to dynamically produce a large number of random domain names and select a small subset for actual C&C use.