• Corpus ID: 238634594

Sharing FANCI Features: A Privacy Analysis of Feature Extraction for DGA Detection

  title={Sharing FANCI Features: A Privacy Analysis of Feature Extraction for DGA Detection},
  author={Benedikt Holmes and Arthur Drichel and Ulrike Meyer},
© Copyright held by the owner/author(s) 2021. This is the author’s version of the work. It is posted here for your personal use. Not for redistribution. The definitive version was published in The Sixth International Conference on Cyber-Technologies and Cyber-Systems (CYBER 2021), https://www.thinkmind.org/index.php?view=article&articleid=cyber 2021 1 160 80095 Abstract—The goal of Domain Generation Algorithm (DGA) detection is to recognize infections with bot malware and is often done with… 

Tables from this paper


SoK: Security and Privacy in Machine Learning
It is apparent that constructing a theoretical understanding of the sensitivity of modern ML algorithms to the data they analyze, à la PAC theory, will foster a science of security and privacy in ML.
eXpose: A Character-Level Convolutional Neural Network with Embeddings For Detecting Malicious URLs, File Paths and Registry Keys
The eXpose neural network is proposed, which uses a deep learning approach developed to take generic, raw short character strings as input, and learns to simultaneously extract features and classify using character-level embeddings and convolutional neural network.
FANCI : Feature-based Automated NXDomain Classification and Intelligence
This work shows that the FANCI system yields a very high classification accuracy at a low false positive rate, generalizes very well, and is able to identify previously unknown DGAs.
Detecting DGA malware using NetFlow
This work presents a novel technique for detecting malware using Domain Generation Algorithms (DGA), that is able to evaluate data from large scale networks without reverse engineering a binary or performing Non-Existent Domain (NXDomain) inspection.
Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning
The reasons why deep learning models may leak information about their training data are investigated and new algorithms tailored to the white-box setting are designed by exploiting the privacy vulnerabilities of the stochastic gradient descent algorithm, which is the algorithm used to train deep neural networks.
Malicious Domain Name Detection Based on Extreme Machine Learning
The proposed machine learning based methodology to detect malware domain names by using Extreme Learning Machine (ELM) is both effective and efficient to identify malicious domains and therefore enhance the current detection mechanism of APT attacks.
Analyzing the real-world applicability of DGA classifiers
This paper proposes one novel classifier based on residual neural networks for each of the two tasks and extensively evaluate them as well as previously proposed classifiers in a unified setting and compares them with respect to explainability, robustness, and training and classification speed.
Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures
A new class of model inversion attack is developed that exploits confidence values revealed along with predictions and is able to estimate whether a respondent in a lifestyle survey admitted to cheating on their significant other and recover recognizable images of people's faces given only their name.
Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains
The Exposure system, a system designed to detect malicious domains in real time, by applying 15 unique features grouped in four categories, is presented and the results and lessons learned from 17 months of its operation are described.
Membership Inference Attacks Against Machine Learning Models
This work quantitatively investigates how machine learning models leak information about the individual data records on which they were trained and empirically evaluates the inference techniques on classification models trained by commercial "machine learning as a service" providers such as Google and Amazon.