For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
An Approach for Identifying Malicious Domain Names Generated by Dictionary-Based DGA Bots
Akihiro SATOH Yutaka NAKAMURA Yutaka FUKUDA Daiki NOBAYASHI Takeshi IKENAGA
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2021/05/01
Online ISSN: 1745-1361
Type of Manuscript: Special Section LETTER (Special Section on the Architectures, Protocols, and Applications for the Future Internet)
dga bot, dictionary-based domain generation algorithm, domain name, network security,
Full Text: PDF>>
Computer networks are facing serious threats from the emergence of sophisticated new DGA bots. These DGA bots have their own dictionary, from which they concatenate words to dynamically generate domain names that are difficult to distinguish from human-generated domain names. In this letter, we propose an approach for identifying the callback communications of DGA bots based on relations among the words that constitute the character string of each domain name. Our evaluation indicates high performance, with a recall of 0.9977 and a precision of 0.9869.