
An Ensemble Approach For Algorithmically Generated Domain Name Detection Using Statistical And Lexical Analysis

Publication Type : Journal Article

Publisher : Procedia Computer Science

Source : Procedia Computer Science, Volume 171, p.1129-1136 (2020)

Url : https://www.sciencedirect.com/science/article/pii/S1877050920310991

Keywords : DGA, Ensemble learning, malware, PRNG

Campus : Coimbatore

School : School of Engineering

Department : Computer Science

Year : 2020

Abstract : Domain Generation Algorithms (DGAs) are the new source of mediators that provide attackers with an intelligent way of avoiding detection at the host level. Typically, before the existence of DGAs, malware had a hardcoded command and control (C&C) IP address. That hardcoded mechanism is prone to detection, which is how DGAs came into existence. Domain Generation Algorithms use the traditional cryptographic principles of pseudo-random number generators (PRNGs) to generate a list of domain names with which malware communicates. In this paper, we constructed a list of 44 features (lexical + statistical) from domain names and used ensemble approaches like C5.0, Random Forest, Gradient Boosting and CART to classify DGA domain names. C5.0 stands out as the best one, with an accuracy value of 0.9704.

Cite this Research Publication : M. P. Anand, Dr. Gireesh K. T., and Charan, P. V. Sai, “An Ensemble Approach For Algorithmically Generated Domain Name Detection Using Statistical And Lexical Analysis”, Procedia Computer Science, vol. 171, pp. 1129-1136, 2020.
