Detecting algorithmically generated malicious domain names

@inproceedings{Yadav2010DetectingAG,
  title={Detecting algorithmically generated malicious domain names},
  author={Sandeep Yadav and Ashwath Kumar Krishna Reddy and A. L. Narasimha Reddy and Supranamaya Ranjan},
  booktitle={Internet Measurement Conference},
  year={2010}
}
Recent Botnets such as Conficker, Kraken and Torpig have used DNS based "domain fluxing" for command-and-control, where each Bot queries for existence of a series of domain names and the owner has to register only one such domain name. In this paper, we develop a methodology to detect such "domain fluxes" in DNS traffic by looking for patterns inherent to domain names that are generated algorithmically, in contrast to those generated by humans. In particular, we look at distribution of… CONTINUE READING
Highly Influential
This paper has highly influenced 19 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 304 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
Showing 1-10 of 167 citations

305 Citations

02040'12'14'16'18
Citations per Year
Semantic Scholar estimates that this publication has 305 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-3 of 3 references