Malicious Domain Detection Based on Traffic Similarity
نویسندگان
چکیده
منابع مشابه
Botnet Malicious Activity Detection Based on DNS Traffic Analysis
In the field of internet security botnet is becoming the significant threat as more number of users are connected to internet. Botnet which is a collection of infected computers so called (bots) are becoming the major threat to internet community. The difference between a malware and botnet is that bot is remotely controlled by a C&C server which are under the control of a botmaster. Here in th...
متن کاملA Structure Similarity-based Approach to Malicious Android App Detection
The advance of computational power and storage device equipped the mobile devices to involve more and more peoples’ daily works, and store voluminous organization’s confidential documents as well as general user’s personal data. The extensibility feature of mobile device has attracted many app developers’ contributions; while it in turns becomes the attacking target of the computer hackers. The...
متن کاملTraffic Classification Based on Flow Similarity
Due to the various masquerading strategies adopted by newer P2P applications to avoid detection and filtering, well-known port mapping techniques cannot guarantee their accuracy any more. Alternative approaches, application-signature mapping, behavior-based analysis, and machine learning based classification methods, show more promising accuracy. However, these methods still have complexity iss...
متن کاملEffect of Malicious Traffic on the Network
The Internet has witnessed a steady rise in malicious traffic including DDoS and worm attacks. In this paper, we study the effect of malicious traffic on the background traffic by analyzing recent traces from two different locations. We show that malicious traffic causes an increase in the average DNS latency by 230% and an increase in the average web latency by 30% even on highly over-provisio...
متن کاملTowards Fingerprinting Malicious Traffic
The primary intent of this paper is detect malicious traffic at the network level. To this end, we apply several machine learning techniques to build classifiers that fingerprint maliciousness on IP traffic. As such, J48, Naı̈ve Bayesian, SVM and Boosting algorithms are used to classify malware communications that are generated from dynamic malware analysis framework. The generated traffic log f...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: DEStech Transactions on Computer Science and Engineering
سال: 2017
ISSN: 2475-8841
DOI: 10.12783/dtcse/cii2017/17282