Detecting malware based on expired command-and-control traffic
Futai Zou, Siyu Zhang, Linsen Li, Li Pan and Jianhua Li
International Journal of Distributed Sensor Networks, 2017, vol. 13, issue 7, 1550147717720791
Abstract:
In this article, we analyze the behavioral characteristics of domain name system (DNS) queries produced by programs and then design an algorithm to detect malware whose command-and-control (C2) domains have expired, based on the key feature of such DNS traffic: repeatedly querying the same domain at a fixed interval. In total, 3027 malware C2 domains, affecting 249 hosts, were detected in the network traffic of Shanghai Jiao Tong University, with a precision of 92.0%. The algorithm finds malware with expired C2 domains that current research usually ignores, and so has value for eliminating network security risks and improving the network security environment.
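The detection idea the abstract describes, a program polling the same name at a fixed interval where that name has expired and so no longer resolves, as an added Python example. This is not the authors' code, and the page gives no further detail of their algorithm: the log format, the coefficient-of-variation periodicity test, the NXDOMAIN-ratio filter used to single out expired domains, the thresholds and the sample log are all assumptions constructed here.

```python
"""Flag hosts that poll a dead domain at a fixed interval.

Added example, not the paper's code. Input is a list of resolver log
lines in the constructed format
    <ISO-8601 timestamp> <client IP> <queried name> <rcode>
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample resolver log (not real traffic). 10.0.0.5 polls a
# name that no longer resolves roughly every 5 minutes; the other entries
# are the kinds of traffic a periodicity check alone would confuse with it
# (irregular browsing, a periodic but live name, a two-query typo).
SAMPLE_LOG = """\
2017-03-01T10:00:00 10.0.0.5 updater.example.net NXDOMAIN
2017-03-01T10:00:12 10.0.0.5 www.example.com NOERROR
2017-03-01T10:00:13 10.0.0.5 www.example.com NOERROR
2017-03-01T10:00:00 10.0.0.9 time.example.org NOERROR
2017-03-01T10:02:00 10.0.0.9 typo.exmaple.com NXDOMAIN
2017-03-01T10:02:03 10.0.0.9 typo.exmaple.com NXDOMAIN
2017-03-01T10:04:59 10.0.0.9 time.example.org NOERROR
2017-03-01T10:05:02 10.0.0.5 updater.example.net NXDOMAIN
2017-03-01T10:07:41 10.0.0.5 www.example.com NOERROR
2017-03-01T10:09:58 10.0.0.5 updater.example.net NXDOMAIN
2017-03-01T10:10:01 10.0.0.9 time.example.org NOERROR
2017-03-01T10:15:00 10.0.0.5 updater.example.net NXDOMAIN
2017-03-01T10:15:00 10.0.0.9 time.example.org NOERROR
2017-03-01T10:20:00 10.0.0.9 time.example.org NOERROR
2017-03-01T10:20:01 10.0.0.5 updater.example.net NXDOMAIN
2017-03-01T10:24:59 10.0.0.5 updater.example.net NXDOMAIN
2017-03-01T10:25:00 10.0.0.9 time.example.org NOERROR
2017-03-01T10:30:02 10.0.0.5 www.example.com NOERROR
2017-03-01T10:31:55 10.0.0.5 www.example.com NOERROR
"""


def parse_line(line):
    """Split one log line into (timestamp, host, qname, rcode)."""
    ts, host, qname, rcode = line.split()
    return datetime.fromisoformat(ts), host, qname.rstrip(".").lower(), rcode.upper()


def group_queries(lines):
    """Collect (timestamp, rcode) events per (client host, queried name)."""
    groups = defaultdict(list)
    for line in lines:
        if line.strip():
            ts, host, qname, rcode = parse_line(line)
            groups[(host, qname)].append((ts, rcode))
    return groups


def periodicity(timestamps):
    """Mean gap in seconds and coefficient of variation (CV) of the gaps.

    A CV near 0 means the queries arrive at a fixed interval. Fewer than
    three timestamps give no usable gap statistics.
    """
    ts = sorted(timestamps)
    if len(ts) < 3:
        return float("nan"), float("inf")
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    m = mean(gaps)
    cv = pstdev(gaps) / m if m > 0 else float("inf")
    return m, cv


def detect_expired_c2(lines, min_queries=5, max_cv=0.1, min_nxdomain_ratio=0.9):
    """Return (host, qname) pairs queried at a near-fixed interval whose
    answers are (almost) all NXDOMAIN, i.e. a poll of an expired name.

    The thresholds are assumptions for this example, not the paper's.
    """
    hits = []
    for (host, qname), events in group_queries(lines).items():
        if len(events) < min_queries:
            continue
        mean_gap, cv = periodicity([t for t, _ in events])
        nx_ratio = sum(r == "NXDOMAIN" for _, r in events) / len(events)
        if cv <= max_cv and nx_ratio >= min_nxdomain_ratio:
            hits.append({"host": host, "qname": qname, "queries": len(events),
                         "mean_interval_s": mean_gap, "cv": cv,
                         "nxdomain_ratio": nx_ratio})
    return sorted(hits, key=lambda h: (h["host"], h["qname"]))


if __name__ == "__main__":
    for h in detect_expired_c2(SAMPLE_LOG.splitlines()):
        print(f"{h['host']} -> {h['qname']}: {h['queries']} queries every "
              f"{h['mean_interval_s']:.0f}s (cv={h['cv']:.3f}), "
              f"NXDOMAIN ratio {h['nxdomain_ratio']:.2f}")
```

The NXDOMAIN ratio is what separates a dead C2 poll from equally periodic legitimate traffic such as the `time.example.org` entries above; lowering `min_nxdomain_ratio` to 0 turns the same code into a candidate finder for live periodic beacons, at the cost of those false positives, so in practice pair it with an allowlist of known updaters and run it over per-client resolver or passive-DNS logs.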
Keywords: Malware detection; expired command-and-control; domain name system; time sequence analysis
Date: 2017
Downloads: https://journals.sagepub.com/doi/10.1177/1550147717720791 (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:sae:intdis:v:13:y:2017:i:7:p:1550147717720791
DOI: 10.1177/1550147717720791