Ensemble-based Feature Selection and Classification Model for DNS Typo-squatting Detection
作者: Abdallah Shami , Abdallah Moubayed , Emad Aqeeli
DOI:
关键词:
摘要: Domain Name System (DNS) plays in important role the current IP-based Internet architecture. This is because it performs domain name to IP resolution. However, DNS protocol has several security vulnerabilities due lack of data integrity and origin authentication within it. paper focuses on one particular vulnerability, namely typo-squatting. Typo-squatting refers registration a that extremely similar an existing popular brand with goal redirecting users malicious/suspicious websites. The danger typo-squatting can lead information threat, corporate secret leakage, facilitate fraud. builds our previous work [1], which only proposed majority-voting based classifier, by proposing ensemble-based feature selection bagging classification model detect attack. Experimental results show framework achieves high accuracy precision identifying domains (a loss at most 1.5% 5% when compared used complete set) while having lower computational complexity smaller set reduction more than 50% size).
arxiv.org
harvard.edu参考文章(34)
M. Hall, Correlation-based Feature Selection for Machine Learning PhD Thesis, Waikato Univer-sity. ,(1998)
Craig G. Nevill-Manning, Geoffrey Holmes, Feature selection via the discovery of simple classification rules University of Waikato, Department of Computer Science. ,(1995)
Boyan Ivanov Bonev, Feature Selection based on Information Theory Universidad de Alicante. ,(2010)
Roy Arends, Scott Rose, Dan Massey, Matt Larson, Rob Austein, DNS Security Introduction and Requirements RFC. ,vol. 4033, pp. 1- 21 ,(2005)
Leyla Bilge, Engin Kirda, Christopher Kruegel, Marco Balduzzi, EXPOSURE : Finding malicious domains using passive DNS analysis network and distributed system security symposium. ,(2011)
Javed Ashraf, Seemab Latif, Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques 2014 National Software Engineering Conference. pp. 55- 60 ,(2014) , 10.1109/NSEC.2014.6998241
Mohamed Abu Sharkh, Manar Jammal, Abdallah Shami, Abdelkader Ouda, Resource allocation in a network-based cloud computing environment: design challenges IEEE Communications Magazine. ,vol. 51, pp. 46- 52 ,(2013) , 10.1109/MCOM.2013.6658651
R. Sathya Bama Krishna, M. Aramudhan, Feature selection based on information theory for pattern classification international conference on control instrumentation communication and computational technologies. pp. 1233- 1236 ,(2014) , 10.1109/ICCICCT.2014.6993149
Suranjith Ariyapperuma, Chris J. Mitchell, Security vulnerabilities in DNS and DNSSEC availability, reliability and security. pp. 335- 342 ,(2007) , 10.1109/ARES.2007.139
Reza Curtmola, Aniello Del Sorbo, Giuseppe Ateniese, On the Performance and Analysis of DNS Security Extensions Cryptology and Network Security. pp. 288- 303 ,(2005) , 10.1007/11599371_24