• Jul 03, 2017 News!JACN Vol.4, No.2 has been indexed by EI (inspec)!   [Click]
  • Jul 12, 2017 News!JACN Vol.5, No.1 has been published with online version.
  • Jul 03, 2017 News!Welcome to join in the 2017 8th International Conference on Networking and Information Technology (ICNIT 2017), which will be held in Penang, Malaysia during November 24-26, 2017.
General Information
    • ISSN: 1793-8244
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Nina Lee
    • Abstracting/ Indexing: EI (INSPEC, IET), Engineering & Technology Digital Library, DOAJ, Electronic Journals Library, Ulrich's Periodicals Directory, International Computer Science Digital Library (ICSDL), ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
Editor-in-chief
Dr. Ka Wai Gary Wong
Division of Information and Technology Studies, Faculty of Education, The University of Hong Kong.
It's a honor to serve as the editor-in-chief of JACN. I'll work together with the editors and reviewers to help the journal progress
JACN 2013 Vol.1(2): 148-152 ISSN: 1793-8244
DOI: 10.7763/JACN.2013.V1.30

Detection of Fast-Flux Domains

Chia-Mei Chen, Sheng-Tzong Cheng, and Ju-Hsien Chou
Abstract—Botnets create harmful attacks nowadays. Lawbreaker may implant malware into victim machines using botnets and, furthermore, he employs fast-flux domain technology to improve the lifetime and robustness of botnets. To circumvent the detection of command and control servers, a set of bots is selected to redirect malicious communication and hides the communication within normal traffic. As the dynamics of fast-flux domains, blacklist mechanism is not efficient to prevent fast-flux botnet attacks. It would be time consuming to examine the legitimacy of the domains of all the connections. Therefore, a lightweight detection of malicious fast-flux domains is desired. Based on the time-space behaviors of malicious fast-flux domains, the network behaviors of domains are formulized in this study to reduce the time complexity of modeling features. According to the experimental results, the malicious fast-flux domains collected from the real networks are identified efficiently and the proposed solution outperforms the blacklists.

Index Terms—Botnet, fast-flux domain, malware, command and control server.

Chia-Mei Chen is with the Department of Information Management, National Sun Yat-sen University, Kaohsiung, Taiwan, R.O.C. (email: cchen@mail.nsysu.edu.tw) Sheng-Tzong Cheng and Ju-Hsien Chou are with the Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan, Taiwan, R.O.C (email:stcheng@mail.ncku.edu.tw, p7896127@mail.ncku.edu.tw)

[PDF]

Cite:Chia-Mei Chen, Sheng-Tzong Cheng, and Ju-Hsien Chou, "Detection of Fast-Flux Domains," Journal of Advances in Computer Networks vol. 1, no. 2, pp. 148-152, 2013.

Copyright © 2008-2017. Journal of Advances in Computer Networks.  All rights reserved.
E-mail: jacn@ejournal.net