首页> 外文会议>Irish Signals and Systems Conference >Getting Prepared for the Next Botnet Attack : Detecting Algorithmically Generated Domains in Botnet Command and Control

【24h】

Getting Prepared for the Next Botnet Attack : Detecting Algorithmically Generated Domains in Botnet Command and Control

机译：为下一次僵尸网络攻击做准备：在僵尸网络命令和控制中检测算法生成的域

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper highlights the high noise to signal ratio that DNS traffic poses to network defense' incident detection and response, and the broader topic of the critical time component required from intrusion detection for actionable security intelligence. Nowhere is this truer than in the monitoring and interception of malware command and control communications hidden amongst benign DNS internet traffic. Global ransomware and malware families were responsible for over 5 billion USD in losses. In 4 days Reaper, a Mirai variant, infected 2.7m nodes. The scale of malware infections outstrips information security blacklisting ability to keep pace. Machine learning techniques, such as CLIP, provide the ability to detect malware traffic to malicious command and control domains with high reliability using lexical properties and semantic patterns in algorithmically generated domain names.

机译：本文重点介绍了DNS流量对网络防御的事件检测和响应造成的高信噪比，以及入侵检测对可操作的安全智能所需的关键时间组件的更广泛主题。在监控和拦截隐藏在良性DNS互联网流量中的恶意软件命令和控制通信中，没有比这更真实的了。全球勒索软件和恶意软件家族造成的损失超过50亿美元。在4天之内，Mirai变种“收割者”感染了270万个节点。恶意软件感染的规模超过了信息安全黑名单保持同步的能力。诸如CLIP之类的机器学习技术提供了使用算法生成的域名中的词汇属性和语义模式，以高可靠性检测到恶意命令和控制域的恶意软件流量的功能。

著录项

来源
《Irish Signals and Systems Conference》|2018年|1-6|共6页
会议地点
作者
Tim Kelley; Eoghan Furey;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
computer network security; Internet; invasive software; learning (artificial intelligence); telecommunication traffic;

机译：计算机网络安全;互联网;入侵软件;学习（人工智能）;电信流量;
入库时间 2022-08-26 13:51:50

相似文献

外文文献
中文文献
专利

1. UMUDGA: A dataset for profiling algorithmically generated domain names in botnet detection [J] . Mattia Zago, Manuel Gil Pérez, Gregorio Martínez Pérez Data in Brief . 2020,第2期

机译：UMUDGA：用于映射算法检测中的算法生成的域名的数据集
2. Cylindrical Coordinates Security Visualization for multiple domain command and control botnet detection [J] . Ilju Seo, Heejo Lee, Seung Chul Han Computers & Security . 2014,第octa期

机译：圆柱坐标安全性可视化，用于多域命令和控制僵尸网络检测
3. Detecting Algorithmically Generated Domain-Flux Attacks With DNS Traffic Analysis [J] . Yadav S., Reddy A. K. K., Reddy A. L. N., Networking, IEEE/ACM Transactions on . 2012,第5期

机译：使用DNS流量分析检测算法生成的域通量攻击
4. Getting Prepared for the Next Botnet Attack : Detecting Algorithmically Generated Domains in Botnet Command and Control [C] . Tim Kelley, Eoghan Furey Irish Signals and Systems Conference . 2018

机译：为下一个僵尸网络攻击做好准备：在僵尸网络命令和控制中检测算法生成的域
5. Social Networks as Command & Control Channels for Botnets. [D] . St. Onge, Adam. 2014

机译：社交网络作为僵尸网络的命令和控制渠道。
6. UMUDGA: A dataset for profiling algorithmically generated domain names in botnet detection [O] . Mattia Zago, Manuel Gil Pérez, Gregorio Martínez Pérez 2020

机译：UMUDGA：用于在僵尸网络检测中概要分析算法生成的域名的数据集
7. Detecting SMS-based control commands in a Botnet from infected android devices [O] . Nguyen, Anh, Pan, Lei 2012

机译：从受感染的android设备检测僵尸网络中基于SMS的控制命令

Getting Prepared for the Next Botnet Attack : Detecting Algorithmically Generated Domains in Botnet Command and Control

摘要

著录项

相似文献

相关主题

期刊订阅