CLEAN : An approach for detecting benign domain names based on passive DNS traffic

2017 6th International Conference on Computer Science and Network Technology (ICCSNT) Pub Date : 2017-10-01 DOI:10.1109/ICCSNT.2017.8343715

Chunyu Han, Yongzheng Zhang

引用次数: 1

Abstract

Domain name plays a crucial role on the Internet. Therefore, more and more malicious behavior had been conducted by using the domain name, such as spam, botnet, phishing and the like. Thus, lots of research have been done for detecting these malicious domain names. Nevertheless, the effort focused on benign domain names is little. It is obvious that finding more benign domain names accurately is very helpful for detecting malicious domain names. In this paper, we analyze a great number of domain names and propose a method, CLEAN(CLassifier of bEnign domAin Names), for discovering benign domain names from plenty of domain names on the passive DNS traffic. Eventually, we conducted the experiment to check the effect. The result showed the recall rate is 82.1% and accuracy rate is 92.2%.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

CLEAN:基于被动DNS流量检测良性域名的一种方法

域名在互联网中起着至关重要的作用。因此，利用域名进行的恶意行为越来越多，如垃圾邮件、僵尸网络、网络钓鱼等。因此，人们对这些恶意域名的检测进行了大量的研究。然而，关注良性域名的努力很少。很明显，准确地找到更多的良性域名对于检测恶意域名是非常有帮助的。本文通过对大量域名的分析，提出了一种从被动DNS流量中大量域名中发现良性域名的方法——CLEAN(bEnign domain names CLassifier)。最后，我们进行了实验来检验效果。结果表明，召回率为82.1%，准确率为92.2%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2017 6th International Conference on Computer Science and Network Technology (ICCSNT)

自引率

0.00%

发文量

期刊最新文献

An improved Quantum Particle Swarm Optimization and its application Hidden information recognition based on multitask convolution neural network Research on warehouse management system based on association rules Generalized predictive control and delay compensation for high — Speed EMU network control system Design of IIR digital filter