• Sep 17, 2018 News!Welcome to 2019 4th International Conference on Information and Network Technologies (ICINT 2019), which will be held in Kyoto, Japan during May 25-27, 2019.   [Click]
  • Jul 04, 2018 News!JACN Vol.6, No.1 has been published with online version.   [Click]
  • May 22, 2018 News!JACN has been included in EBSCO database.
General Information
    • ISSN: 1793-8244
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Nina Lee
    • Abstracting/ Indexing: EI (INSPEC, IET),  Electronic Journals Library, Ulrich's Periodicals Directory, EBSCO, ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
Editor-in-chief
Dr. Ka Wai Gary Wong
Division of Information and Technology Studies, Faculty of Education, The University of Hong Kong.
It's a honor to serve as the editor-in-chief of JACN. I'll work together with the editors and reviewers to help the journal progress
JACN 2013 Vol.1(2): 148-152 ISSN: 1793-8244
DOI: 10.7763/JACN.2013.V1.30

Detection of Fast-Flux Domains

Chia-Mei Chen, Sheng-Tzong Cheng, and Ju-Hsien Chou
Abstract—Botnets create harmful attacks nowadays. Lawbreaker may implant malware into victim machines using botnets and, furthermore, he employs fast-flux domain technology to improve the lifetime and robustness of botnets. To circumvent the detection of command and control servers, a set of bots is selected to redirect malicious communication and hides the communication within normal traffic. As the dynamics of fast-flux domains, blacklist mechanism is not efficient to prevent fast-flux botnet attacks. It would be time consuming to examine the legitimacy of the domains of all the connections. Therefore, a lightweight detection of malicious fast-flux domains is desired. Based on the time-space behaviors of malicious fast-flux domains, the network behaviors of domains are formulized in this study to reduce the time complexity of modeling features. According to the experimental results, the malicious fast-flux domains collected from the real networks are identified efficiently and the proposed solution outperforms the blacklists.

Index Terms—Botnet, fast-flux domain, malware, command and control server.

Chia-Mei Chen is with the Department of Information Management, National Sun Yat-sen University, Kaohsiung, Taiwan, R.O.C. (email: cchen@mail.nsysu.edu.tw) Sheng-Tzong Cheng and Ju-Hsien Chou are with the Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan, Taiwan, R.O.C (email:stcheng@mail.ncku.edu.tw, p7896127@mail.ncku.edu.tw)

[PDF]

Cite:Chia-Mei Chen, Sheng-Tzong Cheng, and Ju-Hsien Chou, "Detection of Fast-Flux Domains," Journal of Advances in Computer Networks vol. 1, no. 2, pp. 148-152, 2013.

Copyright © 2008-2018. Journal of Advances in Computer Networks.  All rights reserved.
E-mail: jacn@ejournal.net