DomainChroma: Building actionable threat intelligence from malicious domain names

Authors: Daiki Chiba, Mitsuaki Akiyama, Takeshi Yagi, Kunio Hato, Tatsuya Mori

DOI: 10.1016/J.COSE.2018.03.013

Abstract: Since the 1980s, domain names and name system (DNS) have been used abused. Although legitimate Internet users rely on as indispensable infrastructures for using Internet, attackers use or abuse them reliable, instantaneous, distributed attack infrastructures. However, there is a lack of complete understanding such domain-name abuses methods coping with them. In this study, we designed implemented unified analysis combining current defense solutions to build actionable threat intelligence from malicious names. The basic concept underlying our chromatography. Our can distinguish among mixtures websites. On basis concept, do not create hodgepodge but design separation abused offer information by considering characteristics well possible points defense. Finally, evaluated defense-information output large real dataset show effectiveness validity system.
