Botnet Domain Name Detection based on Machine Learning
Botnet Domain Name Detection based on Machine Learning
- Author(s): Jian Jin ; Zhiwei Yan ; Guanggang Geng ; Baoping Yan
- DOI: 10.1049/cp.2015.0953
For access to this article, please select a purchase option:
Buy conference paper PDF
Buy Knowledge Pack
IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.
6th International Conference on Wireless, Mobile and Multi-Media (ICWMMN 2015) — Recommend this title to your library
Thank you
Your recommendation has been sent to your librarian.
- Author(s): Jian Jin ; Zhiwei Yan ; Guanggang Geng ; Baoping Yan Source: 6th International Conference on Wireless, Mobile and Multi-Media (ICWMMN 2015), 2015 page ()
- Conference: 6th International Conference on Wireless, Mobile and Multi-Media (ICWMMN 2015)
- DOI: 10.1049/cp.2015.0953
- ISBN: 978-1-78561-046-2
- Location: Beijing, China
- Conference date: 20-23 Nov. 2015
- Format: PDF
Domain Name System (DNS) is a fundamental component of today's Internet: it provides mappings between domain names used by people and the corresponding IP addresses required by network protocols. However, the open and fundamental characteristics of DNS are recently used by the botnet for the communication between bots and C&C. In this paper, we select six kinds of special features of botnet domain querying traffic based on the deep studies of the DNS log. Then three popular classifiers are adopted in order to pick the malicious domains out from the DNS traffic using those features.
Inspec keywords: pattern classification; learning (artificial intelligence); IP networks; invasive software; Internet; telecommunication traffic; protocols
Subjects: Other computer networks; Protocols; Protocols; Knowledge engineering techniques; Computer communications; Data security
Related content
content/conferences/10.1049/cp.2015.0953
pub_keyword,iet_inspecKeyword,pub_concept
6
6