DGA-based malware detection using DNS traffic analysis
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Lee, Jong Youn | - |
| dc.contributor.author | Chang, Jun Young | - |
| dc.contributor.author | Im, Eul Gyu | - |
| dc.date.accessioned | 2022-07-09T09:25:50Z | - |
| dc.date.available | 2022-07-09T09:25:50Z | - |
| dc.date.created | 2021-05-11 | - |
| dc.date.issued | 2019-09 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/147249 | - |
| dc.description.abstract | A large amount of malicious software communicates with C & C (Command and Control) servers to download resources for malicious actions or to receive commands to perform desired attacks. Malware needs to know the IP addresses of C & C servers to communicate with them, and these IP addresses are usually obtained through DNS (Domain Name System) communications by sending domain names to DNS servers, instead of using hard-coded IP addresses, in order to avoid analysis and detection. In this process, malware usually uses a DGA (Domain Generation Algorithm) to hide the domain names of C & C servers and to make it difficult to block C & C servers or domain names. Although DGA techniques have been studied extensively, most previous studies have been based on analysis of the domain names generated by DGA, focusing on the characteristics of the strings. However, this kind of analysis method has difficulty detecting some domain names generated by DGA with creative criteria. In this paper, we have conducted research to detect malicious code generated by DGA based on the value of flags included in the DNS communication process, deviating from the existing research focusing on domain names only. © 2019 Copyright held by the owner/author(s). | - |
| dc.language | English | - |
| dc.language.iso | en | - |
| dc.publisher | Association for Computing Machinery, Inc | - |
| dc.title | DGA-based malware detection using DNS traffic analysis | - |
| dc.type | Article | - |
| dc.contributor.affiliatedAuthor | Im, Eul Gyu | - |
| dc.identifier.doi | 10.1145/3338840.3355672 | - |
| dc.identifier.scopusid | 2-s2.0-85077208895 | - |
| dc.identifier.bibliographicCitation | Proceedings of the 2019 Research in Adaptive and Convergent Systems, RACS 2019, pp.283 - 288 | - |
| dc.relation.isPartOf | Proceedings of the 2019 Research in Adaptive and Convergent Systems, RACS 2019 | - |
| dc.citation.title | Proceedings of the 2019 Research in Adaptive and Convergent Systems, RACS 2019 | - |
| dc.citation.startPage | 283 | - |
| dc.citation.endPage | 288 | - |
| dc.type.rims | ART | - |
| dc.type.docType | Conference Paper | - |
| dc.description.journalClass | 1 | - |
| dc.description.isOpenAccess | N | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.subject.keywordPlus | Command and control systems | - |
| dc.subject.keywordPlus | Internet protocols | - |
| dc.subject.keywordPlus | Malware | - |
| dc.subject.keywordPlus | Network security | - |
| dc.subject.keywordPlus | Domain name system | - |
| dc.subject.keywordPlus | Generation algorithm | - |
| dc.subject.keywordPlus | Malware analysis | - |
| dc.subject.keywordPlus | Network traffic analysis | - |
| dc.subject.keywordPlus | Software security | - |
| dc.subject.keywordPlus | C (programming language) | - |
| dc.subject.keywordAuthor | DGA | - |
| dc.subject.keywordAuthor | DNS | - |
| dc.subject.keywordAuthor | Domain generation algorithm | - |
| dc.subject.keywordAuthor | Domain name system | - |
| dc.subject.keywordAuthor | Malware analysis | - |
| dc.subject.keywordAuthor | Network security | - |
| dc.subject.keywordAuthor | Network traffic analysis | - |
| dc.subject.keywordAuthor | Software security | - |
| dc.identifier.url | https://dl.acm.org/doi/10.1145/3338840.3355672 | - |
