
Publication:
Detection of Newly Registered Malicious Domains through Passive DNS

dc.contributor.author: Silveira, Marcos Rogerio [UNESP]
dc.contributor.author: Silva, Leandro Marcos da [UNESP]
dc.contributor.author: Cansian, Adriano Mauro [UNESP]
dc.contributor.author: Kobayashi, Hugo Koji
dc.contributor.author: Chen, Y.
dc.contributor.author: Ludwig, H.
dc.contributor.author: Tu, Y.
dc.contributor.author: Fayyad, U.
dc.contributor.author: Zhu, X
dc.contributor.author: Hu, X
dc.contributor.author: Byna, S.
dc.contributor.author: Liu, X
dc.contributor.author: Zhang, J.
dc.contributor.author: Pan, S.
dc.contributor.author: Papalexakis, V
dc.contributor.author: Wang, J.
dc.contributor.author: Cuzzocrea, A.
dc.contributor.author: Ordonez, C.
dc.contributor.institution: Universidade Estadual Paulista (UNESP)
dc.contributor.institution: Brazilian Network Informat Ctr NICbr
dc.date.accessioned: 2022-11-30T15:19:44Z
dc.date.available: 2022-11-30T15:19:44Z
dc.date.issued: 2021-01-01
dc.description.abstract [en]: Due to the importance of DNS for the good functioning of the Internet, malicious users register domains for malicious purposes, such as the spreading of malware and the practice of phishing. In this work, an approach capable of detecting malicious domains just 72 hours after the first DNS query was developed. The data source used was the passive DNS collected from an authoritative TLD server with the enrichment of data later, which generated columns encompassing data related to geolocation, which resulted in 20 features. The model used Light-GBM as a machine learning algorithm, and oversampling and undersampling techniques for data balancing, such as Cluster Centroids and K-Means SMOTE, proving efficiency with an average AUC of 0.9763 and F1-score of 0.905, in addition to the TPR of 0.8656 in the validation of the model.
dc.description.affiliation: Sao Paulo State Univ UNESP, Sao Paulo, SP, Brazil
dc.description.affiliation: Brazilian Network Informat Ctr NICbr, Brasilia, DF, Brazil
dc.description.affiliationUnesp: Sao Paulo State Univ UNESP, Sao Paulo, SP, Brazil
dc.description.sponsorship: Fundação para o Desenvolvimento da UNESP (FUNDUNESP)
dc.description.sponsorshipId: FUNDUNESP: 2764/2018
dc.format.extent: 3360-3369
dc.identifier: http://dx.doi.org/10.1109/BigData52589.2021.9671348
dc.identifier.citation: 2021 Ieee International Conference On Big Data (big Data). New York: Ieee, p. 3360-3369, 2021.
dc.identifier.doi: 10.1109/BigData52589.2021.9671348
dc.identifier.issn: 2639-1589
dc.identifier.uri: http://hdl.handle.net/11449/237922
dc.identifier.wos: WOS:000800559503062
dc.language.iso: eng
dc.publisher: Ieee
dc.relation.ispartof: 2021 Ieee International Conference On Big Data (big Data)
dc.source: Web of Science
dc.subject: Domain Name System
dc.subject: Passive DNS
dc.subject: Malicious Domains
dc.subject: Data Imbalanced
dc.subject: Machine Learning
dc.title [en]: Detection of Newly Registered Malicious Domains through Passive DNS
dc.type: Conference paper
dcterms.license: http://www.ieee.org/publications_standards/publications/rights/rights_policies.html
dcterms.rightsHolder: Ieee
dspace.entity.type: Publication
unesp.author.orcid: 0000-0001-9634-5617[2]
unesp.campus [pt]: Universidade Estadual Paulista (UNESP), Instituto de Biociências Letras e Ciências Exatas, São José do Rio Preto
unesp.department [pt]: Engenharia Mecânica - FEB
unesp.department [pt]: Ciências da Computação e Estatística - IBILCE
