Share On

Loading...
PROCESSING. PLEASE WAIT...

"A Method for Detecting Domain Generation Algorithms (DGAs) Using Deep Learning and Signal Processing Techniques"

A Method for Detecting Domain Generation Algorithms (DGAs) Using Deep Learning and Signal Processing Techniques

A Method for Detecting Domain Generation Algorithms (DGAs) Using Deep Learning and Signal Processing Techniques

White Paper: ENSIGN

Background

Domain Generation Algorithm, otherwise known as DGA, remains a potent technique used by cyber actors in their malware attacks. It begins with an automation programme designed to generate names of domains in a specific fashion, providing instructions and receiving information from malware.

The use of DGAs allow attackers to quickly switch domains during malware attacks and circumvent traditional rule/signature-based security appliances aimed at blacklisting such malicious domains. Since DGAs are built and designed to generate thousands of domains, and remain active only for a limited period of time, efforts to tackle them could at times prove futile. Blacklisting a static list of malicious domains is no longer sufficient, given the unpredictable/non-static nature of a DGA, and the sheer volume of domains it uses.

To address such attacks, we infuse machine learning and deep learning approaches into our advanced cyber analytics capabilities. These techniques facilitate the detection of elusive random domains generated by the malware when it attempts to connect to the attacker from a compromised host. Our proprietary DGA detection model possesses the ability to sieve through large traffic to ascertain the presence of DGA traits. It also determines if successful communications to malicious domains were made.

Login With
follow on linkedin follow on twitter follow on facebook 2022 All Rights Reserved | by: www.ciowhitepapersreview.com