Enabling Network Security Through Active DNS Datasets

Authors: Athanasios Kountouras, Panagiotis Kintis, Chaz Lever, Yizheng Chen, Yacin Nadji

DOI: 10.1007/978-3-319-45719-2_9

Abstract: Most modern cyber crime leverages the Domain Name System (DNS) to attain high levels of network agility and make detection of Internet abuse challenging. The majority of malware, which represent a key component of illicit operations, are programmed to locate the IP address of their command-and-control (C&C) server through DNS lookups. To make the malicious infrastructure both agile and resilient, malware authors often use sophisticated communication methods that utilize DNS (i.e., domain generation algorithms) for their campaigns. In general, miscreants make extensive use of short-lived disposable domains to promote a large variety of threats and support their criminal operations.
