| Title | Domain Flux-based DGA Botnet Detection Using Feedforward Neural Network |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Ashiq, Md. Ishtiaq, Bhowmick, Protick, Hossain, Md. Shohrab, Narman, Husnu S. |
| Conference Name | MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM) |
| Date Published | nov |
| Keywords | Botnet, Botnet detection, botnets, C&C server, compositionality, computer network security, Correlation, DGA, DGA-based botnets, Dictionaries, Domain Flux, domain flux-based botnets, domain flux-based DGA botnet detection, domain generation algorithm, edit distance, feature extraction, feedforward neural nets, feedforward neural network, frequency-domain analysis, Hidden Markov models, HMM, invasive software, Metrics, Neural Network, pubcrawl, real-world domain names, Resiliency, ROC curve |
| Abstract | Botnets have been a major area of concern in the field of cybersecurity. There have been a lot of research works for detection of botnets. However, everyday cybercriminals are coming up with new ideas to counter the well-known detection methods. One such popular method is domain flux-based botnets in which a large number of domain names are produced using domain generation algorithm. In this paper, we have proposed a robust way of detecting DGA-based botnets using few novel features covering both syntactic and semantic viewpoints. We have used Area under ROC curve as our performance metric since it provides comprehensive information about the performance of binary classifiers at various thresholds. Results show that our approach performs significantly better than the baseline approach. Our proposed method can help in detecting established DGA bots (equipped with extensive features) as well as prospective advanced DGA bots imitating real-world domain names. |
| DOI | 10.1109/MILCOM47813.2019.9020730 |
| Citation Key | ashiq_domain_2019 |
Domain Flux-based DGA Botnet Detection Using Feedforward Neural Network