Detecting Malicious Domain Names with Abnormal WHOIS Records Using Feature-Based Rules

Cited by: 3
Authors
Cheng, Yanan [1 ]
Chai, Tingting [1 ]
Zhang, Zhaoxin [1 ]
Lu, Keyu [1 ]
Du, Yuejin [2 ]
Affiliations
[1] Harbin Inst Technol, Fac Comp, Harbin 150001, Heilongjiang, Peoples R China
[2] Qihoo 360 Technol Co Ltd, Beijing 100000, Peoples R China
Source
COMPUTER JOURNAL | 2022 / Vol. 65 / Issue 09
Funding
National Natural Science Foundation of China;
Keywords
malicious domain detection; WHOIS records; AdaBoost;
DOI
10.1093/comjnl/bxab062
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Subject classification code
0812 ;
Abstract
Millions of new domain names are registered every day, but a large proportion of them are malicious and usually discovered and blacklisted after the crime has been committed. In order to improve the security of domain name registration, this paper proposes a lightweight detection method based on the AdaBoost to identify malicious domain names, which focuses on proactively detecting malicious domain names by exploring the abnormal WHOIS records. The domain name registries and registrars can adopt the proposed method as the first layer of defense to identify malicious domains on the domain registration stage. Extensive experiments on a large-scale database demonstrate that the proposed approach achieves satisfactory results on various malicious domain names.
Pages: 2262 / 2275
Number of pages: 14
Related papers
50 in total
  • [1] Detecting the DGA-Based Malicious Domain Names
    Zhang, Ying
    Zhang, Yongzheng
    Xiao, Jun
    TRUSTWORTHY COMPUTING AND SERVICES, 2014, 426 : 130 - 137
  • [2] Detecting Malicious Fast-Flux Domains Using Feature-based Classification Techniques
    Truong, Dinh-Tu
    Tran, Dac-Tot
    Huynh, Bao
    JOURNAL OF INTERNET TECHNOLOGY, 2020, 21 (04): : 1061 - 1072
  • [3] Detecting algorithmically generated malicious domain names
    Department of Electrical and Computer Engineering, Texas A and M University, College Station, TX 77843, United States
    Unknown
    Proc. ACM SIGCOMM Internet Meas. Conf. IMC, (48-61):
  • [4] Detecting malicious domain names using deep learning approaches at scale
    Vinayakumar, R.
    Soman, K. P.
    Poornachandran, Prabaharan
    JOURNAL OF INTELLIGENT & FUZZY SYSTEMS, 2018, 34 (03) : 1355 - 1367
  • [5] Malicious Domain Names Detection Algorithm Based on Lexical Analysis and Feature Quantification
    Zhao, Hong
    Chang, Zhaobin
    Wang, Weijie
    Zeng, Xiangyan
    IEEE ACCESS, 2019, 7 : 128990 - 128999
  • [6] Workshop on detecting malicious domain names (DMD 2018): Preface
    Soman, K.P.
    Poornachandran, Prabaharan
    Vinayakumar, R.
    Communications in Computer and Information Science, 2019, 969
  • [7] A Framework for Malicious Domain Names Detection Using Feature Selection and Majority Voting Approach
    Patil, Dharmaraj R.
    Informatica (Slovenia), 2024, 48 (03): : 419 - 438
  • [8] Improved Detection of Malicious Domain Names Using Gradient Boosted Machines and Feature Engineering
    Alhogail, Areej
    Al-Turaiki, Isra
    INFORMATION TECHNOLOGY AND CONTROL, 2022, 51 (02): : 313 - 331
  • [9] A Method of Detecting Abnormal Malicious Remote Control Codes using Network Domain Information
    Oh, Hyung-Geun
    Seo, Jung-Taek
    Lim, Jong In
    Moon, Jong-sub
    INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL, 2012, 15 (05): : 2181 - 2192
  • [10] Feature-Based Sentence Extraction Using Fuzzy Inference rules
    Suanmali, Ladda
    Salim, Naomie
    Binwahlan, Mohammed Salem
    PROCEEDINGS OF THE 2009 INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING SYSTEMS, 2009, : 511 - +