FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1981294881> ?p ?o ?g. }

• W1981294881 endingPage "1677" @default.
• W1981294881 startingPage "1663" @default.
• W1981294881 abstract "Recent botnets such as Conficker, Kraken, and Torpig have used DNS-based “domain fluxing” for command-and-control, where each Bot queries for existence of a series of domain names and the owner has to register only one such domain name. In this paper, we develop a methodology to detect such “domain fluxes” in DNS traffic by looking for patterns inherent to domain names that are generated algorithmically, in contrast to those generated by humans. In particular, we look at distribution of alphanumeric characters as well as bigrams in all domains that are mapped to the same set of IP addresses. We present and compare the performance of several distance metrics, including K-L distance, Edit distance, and Jaccard measure. We train by using a good dataset of domains obtained via a crawl of domains mapped to all IPv4 address space and modeling bad datasets based on behaviors seen so far and expected. We also apply our methodology to packet traces collected at a Tier-1 ISP and show we can automatically detect domain fluxing as used by Conficker botnet with minimal false positives, in addition to discovering a new botnet within the ISP trace. We also analyze a campus DNS trace to detect another unknown botnet exhibiting advanced domain-name generation technique." @default.
• W1981294881 created "2016-06-24" @default.
• W1981294881 creator A5011582677 @default.
• W1981294881 creator A5046677945 @default.
• W1981294881 creator A5071941302 @default.
• W1981294881 creator A5080134184 @default.
• W1981294881 date "2012-10-01" @default.
• W1981294881 modified "2023-10-05" @default.
• W1981294881 title "Detecting Algorithmically Generated Domain-Flux Attacks With DNS Traffic Analysis" @default.
• W1981294881 cites W1925668703 @default.
• W1981294881 cites W2100307718 @default.
• W1981294881 cites W2101737524 @default.
• W1981294881 cites W2112063328 @default.
• W1981294881 cites W2143132678 @default.
• W1981294881 cites W2159636195 @default.
• W1981294881 cites W2162275200 @default.
• W1981294881 cites W4244728148 @default.
• W1981294881 doi "https://doi.org/10.1109/tnet.2012.2184552" @default.
• W1981294881 hasPublicationYear "2012" @default.
• W1981294881 type Work @default.
• W1981294881 sameAs 1981294881 @default.
• W1981294881 citedByCount "167" @default.
• W1981294881 countsByYear W19812948812012 @default.
• W1981294881 countsByYear W19812948812013 @default.
• W1981294881 countsByYear W19812948812014 @default.
• W1981294881 countsByYear W19812948812015 @default.
• W1981294881 countsByYear W19812948812016 @default.
• W1981294881 countsByYear W19812948812017 @default.
• W1981294881 countsByYear W19812948812018 @default.
• W1981294881 countsByYear W19812948812019 @default.
• W1981294881 countsByYear W19812948812020 @default.
• W1981294881 countsByYear W19812948812021 @default.
• W1981294881 countsByYear W19812948812022 @default.
• W1981294881 countsByYear W19812948812023 @default.
• W1981294881 crossrefType "journal-article" @default.
• W1981294881 hasAuthorship W1981294881A5011582677 @default.
• W1981294881 hasAuthorship W1981294881A5046677945 @default.
• W1981294881 hasAuthorship W1981294881A5071941302 @default.
• W1981294881 hasAuthorship W1981294881A5080134184 @default.
• W1981294881 hasConcept C105320234 @default.
• W1981294881 hasConcept C110875604 @default.
• W1981294881 hasConcept C124101348 @default.
• W1981294881 hasConcept C134306372 @default.
• W1981294881 hasConcept C136764020 @default.
• W1981294881 hasConcept C154945302 @default.
• W1981294881 hasConcept C203519979 @default.
• W1981294881 hasConcept C22735295 @default.
• W1981294881 hasConcept C2988987868 @default.
• W1981294881 hasConcept C31258907 @default.
• W1981294881 hasConcept C33923547 @default.
• W1981294881 hasConcept C35026560 @default.
• W1981294881 hasConcept C36503486 @default.
• W1981294881 hasConcept C38652104 @default.
• W1981294881 hasConcept C41008148 @default.
• W1981294881 hasConcept C44359876 @default.
• W1981294881 hasConcept C506615639 @default.
• W1981294881 hasConcept C541664917 @default.
• W1981294881 hasConcept C64869954 @default.
• W1981294881 hasConcept C73555534 @default.
• W1981294881 hasConcept C76155785 @default.
• W1981294881 hasConcept C93996380 @default.
• W1981294881 hasConceptScore W1981294881C105320234 @default.
• W1981294881 hasConceptScore W1981294881C110875604 @default.
• W1981294881 hasConceptScore W1981294881C124101348 @default.
• W1981294881 hasConceptScore W1981294881C134306372 @default.
• W1981294881 hasConceptScore W1981294881C136764020 @default.
• W1981294881 hasConceptScore W1981294881C154945302 @default.
• W1981294881 hasConceptScore W1981294881C203519979 @default.
• W1981294881 hasConceptScore W1981294881C22735295 @default.
• W1981294881 hasConceptScore W1981294881C2988987868 @default.
• W1981294881 hasConceptScore W1981294881C31258907 @default.
• W1981294881 hasConceptScore W1981294881C33923547 @default.
• W1981294881 hasConceptScore W1981294881C35026560 @default.
• W1981294881 hasConceptScore W1981294881C36503486 @default.
• W1981294881 hasConceptScore W1981294881C38652104 @default.
• W1981294881 hasConceptScore W1981294881C41008148 @default.
• W1981294881 hasConceptScore W1981294881C44359876 @default.
• W1981294881 hasConceptScore W1981294881C506615639 @default.
• W1981294881 hasConceptScore W1981294881C541664917 @default.
• W1981294881 hasConceptScore W1981294881C64869954 @default.
• W1981294881 hasConceptScore W1981294881C73555534 @default.
• W1981294881 hasConceptScore W1981294881C76155785 @default.
• W1981294881 hasConceptScore W1981294881C93996380 @default.
• W1981294881 hasIssue "5" @default.
• W1981294881 hasLocation W19812948811 @default.
• W1981294881 hasOpenAccess W1981294881 @default.
• W1981294881 hasPrimaryLocation W19812948811 @default.
• W1981294881 hasRelatedWork W1513626637 @default.
• W1981294881 hasRelatedWork W1954903228 @default.
• W1981294881 hasRelatedWork W1981294881 @default.
• W1981294881 hasRelatedWork W2054298352 @default.
• W1981294881 hasRelatedWork W2290321311 @default.
• W1981294881 hasRelatedWork W2914448461 @default.
• W1981294881 hasRelatedWork W2934080905 @default.
• W1981294881 hasRelatedWork W2949614803 @default.
• W1981294881 hasRelatedWork W2961635701 @default.
• W1981294881 hasRelatedWork W3080777947 @default.
• W1981294881 hasVolume "20" @default.

• next