Journal ArticleOPEN ACCESS

Clustering malicious DNS queries for blacklist-based detection

IEICE Transactions on Information and Systems (2019) E102D(7) 1404-1407
DOI: 10.1587/transinf.2018EDL8211
5Citations
Citations of this article
10Readers
Mendeley users who have this article in their library.

Abstract

Some of the most serious threats to network security involve malware. One common way to detect malware-infected machines in a network is by monitoring communications based on blacklists. However, such detection is problematic because (1) no blacklist is completely reliable, and (2) blacklists do not provide the sufficient evidence to allow administrators to determine the validity and accuracy of the detection results. In this paper, we propose a malicious DNS query clustering approach for blacklist-based detection. Unlike conventional classification, our cause-based classification can efficiently analyze malware communications, allowing infected machines in the network to be addressed swiftly.

Author supplied keywords

Cite

CITATION STYLE

APA

Satoh, A., Nakamura, Y., Nobayashi, D., Sasai, K., Kitagata, G., & Ikenaga, T. (2019). Clustering malicious DNS queries for blacklist-based detection. IEICE Transactions on Information and Systems, E102D(7), 1404–1407. https://doi.org/10.1587/transinf.2018EDL8211

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free