| Presentation | 2014-11-28 Detecting infected hosts with machine learning analysis of DNS responses Wataru TSUDA, Youki KADOBAYASHI, Hirotaka FUJIWARA, Suguru YAMAGUCHI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In recent years, we face cyber attacks such as illegal money transfer via net-banking, spam mail and DDoS attacks caused by botnet. In this research, we propose novel detection system which uses Random Forest for detecting botnet-related domain names. In this system, we apply many kinds of features from DNS response packet to deal with botnets which utilize DGA, Fast Flux Domain and so on. We experimented with one month of real DNS traffic data, and our system achieved 96.96% detection rates and 1.27% false positive rates. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | malware / botnet / dns / machine learning |
| Paper # | ICSS2014-62 |
| Date of Issue |
| Conference Information | |
| Committee | ICSS |
|---|---|
| Conference Date | 2014/11/20(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information and Communication System Security (ICSS) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Detecting infected hosts with machine learning analysis of DNS responses |
| Sub Title (in English) | |
| Keyword(1) | malware |
| Keyword(2) | botnet |
| Keyword(3) | dns |
| Keyword(4) | machine learning |
| 1st Author's Name | Wataru TSUDA |
| 1st Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology() |
| 2nd Author's Name | Youki KADOBAYASHI |
| 2nd Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| 3rd Author's Name | Hirotaka FUJIWARA |
| 3rd Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| 4th Author's Name | Suguru YAMAGUCHI |
| 4th Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| Date | 2014-11-28 |
| Paper # | ICSS2014-62 |
| Volume (vol) | vol.114 |
| Number (no) | 340 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |