• DocumentCode
    2071250
  • Title

    A comparative study for fast-flux service networks detection

  • Author

    Wu, Jiayan ; Zhang, Liwei ; Liang, Jian ; Qu, Sheng ; Ni, Zhiqiang

  • Author_Institution
    Data Min. Group, Tsinghua Univ., Beijing, China
  • fYear
    2010
  • fDate
    16-18 Aug. 2010
  • Firstpage
    346
  • Lastpage
    350
  • Abstract
    One of the most active threats we meet on the Internet is cyber-crime. Fast-flux is a kind of DNS technique used by botnets to hide their malicious activities. In this paper we use data mining techniques to detect the fast-flux service network (FFSN), which is newly emerging and still not widely perceived. From the data mining perspective, the detection of cyber-crime is viewed as a kind of imbalanced class problem. In this paper we analyze the feature attributes which can distinguish fast-flux domains from benign ones by observing system/network performance. Then we present the solution approach and a comparative study based on data mining techniques for fast-flux network detection. The experimental results show our approach is effective and efficient.
  • Keywords
    Internet; data mining; security of data; DNS technique; Internet; cyber-crime detection; data mining techniques; fast-flux service networks detection; feature attributes; network security; Linear regression; component; data mining; fast-flux service networks; network security;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Networked Computing and Advanced Information Management (NCM), 2010 Sixth International Conference on
  • Conference_Location
    Seoul
  • Print_ISBN
    978-1-4244-7671-8
  • Electronic_ISBN
    978-89-88678-26-8
  • Type

    conf

  • Filename
    5572048