Abstract
Domain generation algorithms (DGA) create a large number of domains in order to distribute malware or send commands to targeted systems. Each domain name generated by DGA is used to create a temporary connection between attacker's server and the targeted system. Since a targeted system tries to issue requests to any of the domains that are created by DGA, blocking DGA domains are crucial to prevent attacks. Current DGA detection mechanisms fail to detect DGA domains with high accuracy on financial systems. In this research, we propose a new model based on machine learning algorithms to detect DGA domains with high accuracy on specific financial services. We experimentally evaluated the proposed model with data that contain both known DGA and legitimate domains. We observed that the proposed model detects DGA domains with high accuracy, such as %96.2.
| Original language | English |
|---|---|
| Title of host publication | 2024 7th International Balkan Conference on Communications and Networking, BalkanCom 2024 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 200-205 |
| Number of pages | 6 |
| ISBN (Electronic) | 9798350365955 |
| DOIs | |
| Publication status | Published - 2024 |
| Event | 7th International Balkan Conference on Communications and Networking, BalkanCom 2024 - Ljubljana, Slovenia Duration: 3 Jun 2024 → 6 Jun 2024 |
Publication series
| Name | 2024 7th International Balkan Conference on Communications and Networking, BalkanCom 2024 |
|---|
Conference
| Conference | 7th International Balkan Conference on Communications and Networking, BalkanCom 2024 |
|---|---|
| Country/Territory | Slovenia |
| City | Ljubljana |
| Period | 3/06/24 → 6/06/24 |
Bibliographical note
Publisher Copyright:© 2024 IEEE.
Keywords
- Attack
- DGA
- Domain Flux
- Financial Services
- Intrusion Detection