Detection of algorithmically generated malicious domain names using masked N-grams
نویسندگان
چکیده
منابع مشابه
Proactive Detection of Algorithmically Generated Malicious Domains
Using an intrinsic feature of malicious domain name queries prior to their registration (perhaps due to clock drift), we devise a difference-based lightweight feature for malicious domain name detection. Using NXDomain query and response of a popular malware, we establish the effectiveness of our detector with 99% accuracy, and as early as more than 48 hours before they are registered. Our tech...
متن کاملDetection of New Malicious Code Using N-grams Signatures
Signature-based malicious code detection is the standard technique in all commercial anti-virus software. This method can detect a virus only after the virus has appeared and caused damage. Signature-based detection performs poorly when attempting to identify new viruses. Motivated by the standard signature-based technique for detecting viruses, and a recent successful text classification metho...
متن کاملUnsupervised, low latency anomaly detection of algorithmically generated domain names by generative probabilistic modeling
We propose a method for detecting anomalous domain names, with focus on algorithmically generated domain names which are frequently associated with malicious activities such as fast flux service networks, particularly for bot networks (or botnets), malware, and phishing. Our method is based on learning a (null hypothesis) probability model based on a large set of domain names that have been whi...
متن کاملEmbedded Malware Detection Using Markov n-Grams
Embedded malware is a recently discovered security threat that allows malcode to be hidden inside a benign file. It has been shown that embedded malware is not detected by commercial antivirus software even when the malware signature is present in the antivirus database. In this paper, we present a novel anomaly detection scheme to detect embedded malware. We first analyze byte sequences in ben...
متن کاملSpam Detection Using Character N-Grams
This paper presents a content-based approach to spam detection based on low-level information. Instead of the traditional 'bag of words' representation, we use a 'bag of character n-grams' representation which avoids the sparse data problem that arises in n-grams on the word-level. Moreover, it is language-independent and does not require any lemmatizer or 'deep' text preprocessing. Based on ex...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Expert Systems with Applications
سال: 2019
ISSN: 0957-4174
DOI: 10.1016/j.eswa.2019.01.050