Title :
Computing domains reputation using flow
Author :
Mishsky, Igor ; Gal-Oz, Nurit ; Gudes, Ehud
Author_Institution :
Comput. Sci. Dept., Ben Gurion Univ., Beer-Sheva, Israel
Abstract :
The Domain Name System (DNS) is an essential component of the Internet infrastructure that translates domain names into IP addresses. Recent incidents verify the enormous damage of malicious activities utilizing DNS. Therefore, detecting malicious domains using the DNS network structure is an important challenge. We take the famous colloquial expression Tell me who your friends are and I will tell you who you are, motivating many social trust models, to the Internet domains world. We assert that a domain that is related to malicious domains is more likely to be malicious as well, and malicious domains may be identified by analyzing cross domains relationships. The term domain reputation represents the extent to which we consider a domain as malicious. In this paper we present a new approach for computing domain reputation by applying a flow algorithm on a DNS based graph. The experimental evaluation of the flow algorithm demonstrates significant success in predicting malicious domains.
Keywords :
IP networks; Internet; computer network security; graph theory; DNS based graph; DNS network structure; Domain Name System; IP addresses; Internet domains; Internet infrastructure; cross-domain relationship analysis; domain reputation; flow algorithm; malicious activities; malicious domain detection; social trust models; Attenuation; Computational modeling; Databases; IP networks; Internet; Servers; Vectors; Flow model; Trust & Reputation; malicious domains;
Conference_Titel :
Internet Technology and Secured Transactions (ICITST), 2014 9th International Conference for
Conference_Location :
London
DOI :
10.1109/ICITST.2014.7038850
