Tong et al., 2016 - Google Patents
A method for detecting DGA botnet based on semantic and cluster analysisTong et al., 2016
View PDF- Document ID
- 4729458989110344253
- Author
- Tong V
- Nguyen G
- Publication year
- Publication venue
- Proceedings of the 7th Symposium on Information and Communication Technology
External Links
Snippet
Botnets play major roles in a vast number of threats to network security, such as DDoS attacks, generation of spam emails, information theft. Detecting Botnets is a difficult task in due to the complexity and performance issues when analyzing the huge amount of data from …
- 238000007621 cluster analysis 0 title description 2
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Tong et al. | A method for detecting DGA botnet based on semantic and cluster analysis | |
| Lian et al. | An Intrusion Detection Method Based on Decision Tree‐Recursive Feature Elimination in Ensemble Learning | |
| US11329952B2 (en) | System and method for detecting generated domain | |
| Vinayakumar et al. | Scalable framework for cyber threat situational awareness based on domain name systems data analysis | |
| Gardiner et al. | On the security of machine learning in malware c&c detection: A survey | |
| Vinayakumar et al. | DBD: Deep learning DGA-based botnet detection | |
| Niu et al. | Identifying APT malware domain based on mobile DNS logging | |
| Sivaguru et al. | Inline detection of DGA domains using side information | |
| Khan et al. | Identifying generic features for malicious url detection system | |
| Celik et al. | Detection of Fast-Flux Networks using various DNS feature sets | |
| He et al. | Malicious domain detection via domain relationship and graph models | |
| Nguyen et al. | DGA botnet detection using collaborative filtering and density-based clustering | |
| Vinayakumar et al. | Improved DGA domain names detection and categorization using deep learning architectures with classical machine learning algorithms | |
| Nadeem et al. | Beyond labeling: Using clustering to build network behavioral profiles of malware families | |
| Monshizadeh et al. | Security related data mining | |
| Liu et al. | CCGA: clustering and capturing group activities for DGA-based botnets detection | |
| Nazarudeen et al. | Efficient DDoS attack detection using machine learning techniques | |
| Wang et al. | A dictionary-based method for detecting machine-generated domains | |
| Gogoi et al. | A Hybrid approach combining blocklists, machine learning and deep learning for detection of malicious URLs | |
| Aravena et al. | Dom2Vec-detecting DGA domains through word embeddings and AI/ML-Driven lexicographic analysis | |
| Shen et al. | Deep Learning powered adversarial sample attack approach for security detection of DGA domain name in cyber physical systems | |
| Ajmera et al. | A survey report on identifying different machine learning algorithms in detecting domain generation algorithms within enterprise network | |
| Zhu et al. | Detecting malicious domains using modified SVM model | |
| Thein et al. | Malicious Domain Detection Based on Decision Tree | |
| Wang | Botnet detection via machine learning techniques |