An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots
Summary :
Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.
- Publication
- IEICE TRANSACTIONS on Information Vol.E104-D No.5 pp.669-672
- Publication Date
- 2021/05/01
- Publicized
- 2021/02/17
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.2020NTL0001
- Type of Manuscript
- Special Section LETTER (Special Section on the Architectures, Protocols, and Applications for the Future Internet)
- Category
Authors
Akihiro SATOH
Kyushu Institute of Technology
Yutaka NAKAMURA
Kyushu Institute of Technology
Yutaka FUKUDA
Kyushu Institute of Technology
Daiki NOBAYASHI
Kyushu Institute of Technology
Takeshi IKENAGA
Kyushu Institute of Technology
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Akihiro SATOH, Yutaka NAKAMURA, Yutaka FUKUDA, Daiki NOBAYASHI, Takeshi IKENAGA, "An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots" in IEICE TRANSACTIONS on Information,
vol. E104-D, no. 5, pp. 669-672, May 2021, doi: 10.1587/transinf.2020NTL0001.
Abstract: Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2020NTL0001/_p
Copy
@ARTICLE{e104-d_5_669,
author={Akihiro SATOH, Yutaka NAKAMURA, Yutaka FUKUDA, Daiki NOBAYASHI, Takeshi IKENAGA, },
journal={IEICE TRANSACTIONS on Information},
title={An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots},
year={2021},
volume={E104-D},
number={5},
pages={669-672},
abstract={Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.},
keywords={},
doi={10.1587/transinf.2020NTL0001},
ISSN={1745-1361},
month={May},}
Copy
TY - JOUR
TI - An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots
T2 - IEICE TRANSACTIONS on Information
SP - 669
EP - 672
AU - Akihiro SATOH
AU - Yutaka NAKAMURA
AU - Yutaka FUKUDA
AU - Daiki NOBAYASHI
AU - Takeshi IKENAGA
PY - 2021
DO - 10.1587/transinf.2020NTL0001
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E104-D
IS - 5
JA - IEICE TRANSACTIONS on Information
Y1 - May 2021
AB - Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.
ER -
English
