Domain-flux botnet name 'detection & warning method' found.

Discussion in 'malware problems & news' started by Baserk, Nov 6, 2010.

Thread Status:
Not open for further replies.
  1. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    From The Register;

    'Researchers have devised a way to easily detect internet names generated by so-called domain-fluxing botnets, a method that could provide a first-alarm system of sorts that alerts admins of infections on their networks.
    ...
    The method uses techniques from signal detection theory and statistical learning to detect domain names generated from a variety of algorithms, including those based on pseudo-random strings, dictionary-based words, and words that are pronounceable but not in any dictionary.'
    link

    Research paper PDF link
     
    Last edited: Nov 6, 2010
Loading...
Thread Status:
Not open for further replies.