• DocumentCode
    270746
  • Title
    CROFlux — Passive DNS method for detecting fast-flux domains
  • Author
    Gržnić, Toni ; Perhoč, Darko ; Marić, Marko ; Vlašić, Filip ; Kulcsar, Tibor
  • Author_Institution
    Croatian Acad. & Res. Network, Nat. CERT, Croatia
  • fYear
    2014
  • fDate
    26-30 May 2014
  • Firstpage
    1376
  • Lastpage
    1380
  • Abstract
    In this paper we present our approach to fast flux detection called CROFlux that relies on the passive DNS replication method. The presented model can significantly reduce the number of false positive detections, and can detect other suspicious domains that are used for fast flux. This algorithm is used and implemented in Advanced Cyber Defense Centre - a European project co-funded by the European Commission.
  • Keywords
    Internet; security of data; Advanced Cyber Defense Centre; CROFlux; fast-flux domain detection; passive DNS replication method; Classification algorithms; Content distribution networks; Europe; IP networks; Malware; Peer-to-peer computing; Servers
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Title
    Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2014 37th International Convention on
  • Conference_Location
    Opatija
  • Print_ISBN
    978-953-233-081-6
  • Type
    conf
  • DOI
    10.1109/MIPRO.2014.6859782
  • Filename
    6859782