Liang Ding1,*, Lunjie Li1, Jianghong Han1, Yuqi Fan2,*, Donghui Hu1
CMC-Computers, Materials & Continua, Vol.61, No.3, pp. 1285-1304, 2019, DOI:10.32604/cmc.2019.06160
Abstract Botnets often use domain generation algorithms (DGA) to connect to a command and control (C2) server, which enables the compromised hosts connect to the C2 server for accessing many domains. The detection of DGA domains is critical for blocking the C2 server, and for identifying the compromised hosts as well. However, the detection is difficult, because some DGA domain names look normal. Much of the previous work based on statistical analysis of machine learning relies on manual features and contextual information, which causes long response time and cannot be used for real-time detection. In addition,… More >
Login
Register
