Detecting Cyber Threats Domains Based on DNS Traffic 


Vol. 37,  No. 11, pp. 1082-1089, Nov.  2012


PDF
  Abstract

Recent malicious attempts in Cyber space are intended to emerge national threats such as Suxnet as well as to get financial benefits through a large pool of comprised botnets. The evolved botnets use the Domain Name System(DNS) to communicate with the C&C server and zombies. DNS is one of the core and most important components of the Internet and DNS traffic are continually increased by the popular wireless Internet service. On the other hand, domain names are popular for malicious use. This paper studies on DNS-based cyber threats domain detection by data classification based on supervised learning. Furthermore, the developed cyber threats domain detection system using DNS traffic analysis provides collection, analysis, and normal/abnormal domain classification of huge amounts of DNS data.

  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

S. Lim, J. Kim, B. Lee, "Detecting Cyber Threats Domains Based on DNS Traffic," The Journal of Korean Institute of Communications and Information Sciences, vol. 37, no. 11, pp. 1082-1089, 2012. DOI: .

[ACM Style]

Sun-Hee Lim, Jong-Hyun Kim, and Byung-gil Lee. 2012. Detecting Cyber Threats Domains Based on DNS Traffic. The Journal of Korean Institute of Communications and Information Sciences, 37, 11, (2012), 1082-1089. DOI: .

[KICS Style]

Sun-Hee Lim, Jong-Hyun Kim, Byung-gil Lee, "Detecting Cyber Threats Domains Based on DNS Traffic," The Journal of Korean Institute of Communications and Information Sciences, vol. 37, no. 11, pp. 1082-1089, 11. 2012.

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)






pISSN : 1226 - 4717
eISSN : 2287 - 3880