Aplicación de redes neuronales profundas para la detección automática de nombres de dominio generados de manera aleatoria
A domain generation algorithm (DGA) is used to dynamically generate a large number of pseudo random domain names and then selecting a small subset of these domains for the Command Control (C&C) communication channel. The idea behind the dynamic nature of DGA was to avoid the inclusion of hard...
Guardado en:
| Autores principales: | , , , , , , |
|---|---|
| Publicado: |
2019
|
| Materias: | |
| Acceso en línea: | https://bdigital.uncu.edu.ar/fichas.php?idobjeto=14399 |
| Sumario: | A domain generation algorithm (DGA) is used to dynamically generate a large number of pseudo random domain names and then selecting a small subset of these domains for the Command Control (C&C) communication channel. The idea behind the dynamic nature of DGA was to avoid the inclusion of hard-coded domain names inside malware binaries, complicating the extraction of this information by reverse engineering. The C&C channel can be used for instructing the botnet to take different malicious actions such as SPAM, click campaign, DDOS, etc. The present project proposes the development of an algorithm for DGA detection based on machine learning algorithms. In particular, we propose the use of Deep Neural Networks. In the last 10 years, deep learning techniques has been the cause behind the major advances in the automatic recognition of images, audio, video and text. We expect the ability of deep neural networks for recognizing common patterns in DGA facilitates the development of a detection tool. A tool what will operate not only with a low false positive rate but also in real time. Both requirements are fundamental for dealing with today security threats. |
|---|
