A Survey on Malicious Domains Detection through DNS Data Analysis

05/22/2018
by   Yury Zhauniarovich, et al.
0

Malicious domains are one of the major resources required for adversaries to run attacks over the Internet. Due to the important role of the Domain Name System (DNS), extensive research has been conducted to identify malicious domains based on their unique behavior reflected in different phases of the life cycle of DNS queries and responses. Existing approaches differ significantly in terms of intuitions, data analysis methods as well as evaluation methodologies. This warrants a thorough systematization of the approaches and a careful review of the advantages and limitations of every group. In this paper, we perform such an analysis. In order to achieve this goal, we present the necessary background knowledge on DNS and malicious activities leveraging DNS. We describe a general framework of malicious domain detection techniques using DNS data. Applying this framework, we categorize existing approaches using several orthogonal viewpoints, namely (1) sources of DNS data and their enrichment, (2) data analysis methods, and (3) evaluation strategies and metrics. In each aspect, we discuss the important challenges that the research community should address in order to fully realize the power of DNS data analysis to fight against attacks leveraging malicious domains.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
11/01/2017

Killing Two Birds with One Stone: Malicious Domain Detection with High Accuracy and Coverage

Inference based techniques are one of the major approaches to analyze DN...
research
08/22/2023

Multi-Instance Adversarial Attack on GNN-Based Malicious Domain Detection

Malicious domain detection (MDD) is an open security challenge that aims...
research
05/09/2023

Generating Phishing Attacks using ChatGPT

The ability of ChatGPT to generate human-like responses and understand c...
research
04/22/2010

Performance Evaluation of DCA and SRC on a Single Bot Detection

Malicious users try to compromise systems using new techniques. One of t...
research
09/05/2021

A Transformer-based Model to Detect Phishing URLs

Phishing attacks are among emerging security issues that recently draws ...
research
05/31/2023

A Holistic Framework for Safeguarding of SMEs-A Case Study

The rapid digitalisation of SMEs, further expedited as a business contin...
research
07/31/2018

Smart Grids Data Analysis: A Systematic Mapping Study

Data analytics and data science play a significant role in nowadays soci...

Please sign up or login with your details

Forgot password? Click here to reset