Analysis of the Similarities in Malicious DNS Domain Names

被引:0
作者
Lasota, Krzysztof [1 ]
Kozakiewicz, Adam [1 ]
机构
[1] NASK Res & Acad Comp Network, PL-02796 Warsaw, Poland
来源
SECURE AND TRUST COMPUTING, DATA MANAGEMENT, AND APPLICATIONS | 2011年 / 187卷
关键词
malicious domains; heuristic detection methods; phishing detection;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
This paper presents results of studies on similarities in the construction of malicious DNS domain names. Based on sets of malicious domain names (or URLs, where only mnemonic host names are taken into account) a prototype tool searches for formulated similarities in the construction of malicious domains. A key research task was to find features of similarity which could be useful in the detection of malicious behavior. Research results can be used as an additional characteristic of existing heuristic methods for determining the malicious character of domains or websites. They could also be used as a hint for specialists to take a closer look at domains which are similar to other malicious domains.
引用
收藏
页码:1 / 6
页数:6
相关论文
共 11 条
[1]  
Alexa, TOP MILL SIT
[2]  
[Anonymous], P USENIX WORKSH LARG
[3]  
[Anonymous], 2008, ITU STUD FIN ASP NET
[4]  
[Anonymous], 2006, P AAAI SPRING S COMP
[5]  
[Anonymous], 1997, ACM SIGACT NEWS
[6]  
Kijewski P., 2008, 20 ANN 1 C COMP SEC
[7]  
Kozakiewicz A., 2010, KSTIT 2010 WROCL
[8]  
Ma J., 2009, P SIGKDD C PAR
[9]  
Nazario J., 2009, P 2 USENIX WORKSH LA
[10]  
Provos N., 2008, All your iframes point to us
12