July 2019
Clustering malicious DNS queries for blacklist-based detection
IEICE Transactions on Information and Systems
- Volume
- E102-D
- Issue
- 7
- First page
- 1404
- Last page
- 1407
- Language
- English
- Publication type
- Research paper (academic journal)
- DOI
- 10.1587/transinf.2018EDL8211
Some of the most serious threats to network security involve malware. One common way to detect malware-infected machines in a network is by monitoring communications based on blacklists. However, such detection is problematic because (1) no blacklist is completely reliable, and (2) blacklists do not provide sufficient evidence to allow administrators to determine the validity and accuracy of the detection results. In this paper, we propose a malicious DNS query clustering approach for blacklist-based detection. Unlike conventional classification, our cause-based classification can efficiently analyze malware communications, allowing infected machines in the network to be addressed swiftly.
- Link information
- DOI
- https://doi.org/10.1587/transinf.2018EDL8211 (link to full text available)
- URL
- https://www.jstage.jst.go.jp/article/transinf/E102.D/7/E102.D_2018EDL8211/_article (link to full text available)
- URL
- http://hdl.handle.net/10228/00007647 (link to full text available)
- Scopus
- https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85069724844&origin=inward (link to full text available)
- Scopus Citedby
- https://www.scopus.com/inward/citedby.uri?partnerID=HzOxMe3b&scp=85069724844&origin=inward
- ID information
- DOI : 10.1587/transinf.2018EDL8211
- ISSN : 0916-8532
- eISSN : 1745-1361
- SCOPUS ID : 85069724844