Detecting DNS fast-flux anomalies

Author: Supranamaya Ranjan

Keywords: Set (abstract data type), Data mining, Zone file, Fast flux, Computer science, Alphanumeric, Domain (software engineering), Domain Name System, Metric (mathematics), Central processing unit

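Abstract: A method for detecting automatically generated malicious domain names in a network. The method includes identifying a plurality of domain name service (DNS) queries in the network, wherein the plurality of DNS queries share a common attribute, analyzing, using a central processing unit (CPU) of a computer, the plurality of DNS queries to identify alphanumeric elements embedded in a set of domain names associated with the plurality of DNS queries, analyzing, using the CPU, the alphanumeric elements to determine a distribution metric of the set of domain names, and generating an alert based on the distribution metric according to a pre-determined criterion.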
