• Dec 24, 2021 News!Volume 9 No 1 has been indexed by EI (inspec)!   [Click]
  • Dec 07, 2021 News!JACN has been indexed by EI (inspec)!   [Click]
  • Nov 24, 2021 News!JACN Vol.9, No.2 has been published with online version.   [Click]
General Information
    • ISSN: 1793-8244 (Print)
    • Abbreviated Title:  J. Adv. Comput. Netw.
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Shira Lu
    • Abstracting/ Indexing: INSPEC (IET), EBSCO, ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
Professor Haklin Kimm
East Stroudsburg University, USA
I'm happy to take on the position of editor in chief of JACN. We encourage authors to submit papers on all aspects of computer networks.

JACN 2013 Vol.1(2): 148-152 ISSN: 1793-8244
DOI: 10.7763/JACN.2013.V1.30

Detection of Fast-Flux Domains

Chia-Mei Chen, Sheng-Tzong Cheng, and Ju-Hsien Chou
Abstract—Botnets create harmful attacks nowadays. Lawbreaker may implant malware into victim machines using botnets and, furthermore, he employs fast-flux domain technology to improve the lifetime and robustness of botnets. To circumvent the detection of command and control servers, a set of bots is selected to redirect malicious communication and hides the communication within normal traffic. As the dynamics of fast-flux domains, blacklist mechanism is not efficient to prevent fast-flux botnet attacks. It would be time consuming to examine the legitimacy of the domains of all the connections. Therefore, a lightweight detection of malicious fast-flux domains is desired. Based on the time-space behaviors of malicious fast-flux domains, the network behaviors of domains are formulized in this study to reduce the time complexity of modeling features. According to the experimental results, the malicious fast-flux domains collected from the real networks are identified efficiently and the proposed solution outperforms the blacklists.

Index Terms—Botnet, fast-flux domain, malware, command and control server.

Chia-Mei Chen is with the Department of Information Management, National Sun Yat-sen University, Kaohsiung, Taiwan, R.O.C. (email: cchen@mail.nsysu.edu.tw) Sheng-Tzong Cheng and Ju-Hsien Chou are with the Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan, Taiwan, R.O.C (email:stcheng@mail.ncku.edu.tw, p7896127@mail.ncku.edu.tw)


Cite:Chia-Mei Chen, Sheng-Tzong Cheng, and Ju-Hsien Chou, "Detection of Fast-Flux Domains," Journal of Advances in Computer Networks vol. 1, no. 2, pp. 148-152, 2013.

Copyright © 2008-2021. Journal of Advances in Computer Networks.  All rights reserved.
E-mail: jacn@ejournal.net