Real-time detection of domain names generated by domain generation algorithms (DGAs) is a challenging cybersecurity problem. Traditional malware control methods, such as blacklisting, are insufficient to handle DGA threats. In this paper, a machine learning framework for identifying and detecting DGA domains is proposed to alleviate the threat. The proposed framework consists of a two-level model: DGA domains are first classified apart from normal domains, and a clustering method is then used to identify the algorithms that generated those DGA domains.
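The two-level structure described above, as an added Python example that is not the paper's code. The abstract does not name its features or algorithms, so the three lexical features, the nearest-centroid classifier, the leader clustering, the `radius` value and every domain name below are assumptions constructed for illustration.

```python
import math
from collections import Counter

def features(domain):
    """Lexical features of the leftmost label: (entropy, vowel ratio, digit ratio)."""
    label = domain.lower().split(".")[0]
    n = len(label)
    entropy = -sum(c / n * math.log2(c / n) for c in Counter(label).values())
    return (entropy,
            sum(ch in "aeiou" for ch in label) / n,
            sum(ch.isdigit() for ch in label) / n)

def centroid(vectors):
    return tuple(sum(col) / len(vectors) for col in zip(*vectors))

def train(samples):
    """Level 1 training: one centroid per class (nearest-centroid classifier)."""
    return {name: centroid([features(d) for d in ds]) for name, ds in samples.items()}

def classify(model, domain):
    """Level 1: label a domain by its nearest class centroid."""
    f = features(domain)
    return min(model, key=lambda name: math.dist(f, model[name]))

def cluster(domains, radius=0.4):
    """Level 2: leader clustering. A domain joins the first cluster whose
    centroid is within `radius`; otherwise it starts a new cluster."""
    clusters = []
    for d in domains:
        f = features(d)
        for members in clusters:
            if math.dist(f, centroid([features(m) for m in members])) <= radius:
                members.append(d)
                break
        else:
            clusters.append([d])
    return clusters

def two_level(model, domains):
    """Classify first, then cluster only the domains flagged as DGA."""
    return cluster([d for d in domains if classify(model, d) == "dga"])

# Constructed sample data (not from the paper); .example is a reserved TLD.
BENIGN = ["google.com", "wikipedia.org", "github.com", "amazon.com", "microsoft.com"]
DGA = ["3f9a1c7e5b2d8046.example", "a07c4e19d3b58f26.example",
       "xkqzjwvbtrmp.example", "hgfdsplkmnbv.example"]
UNSEEN = ["reddit.com", "5d2b8e0f7a1c3946.example", "qwrtzpsdfghj.example",
          "twitter.com", "91c6f4a0e8d27b35.example", "mnbvcxzlkjhg.example"]
MODEL = train({"benign": BENIGN, "dga": DGA})
```

Calling `two_level(MODEL, UNSEEN)` returns one group per constructed family, with the hex-style names in one cluster and the consonant-only names in the other. Character entropy grows with label length, so long benign names can land nearer the DGA centroid with only these three features.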