Feature Selection with PCA based on DNS Query for Malicious Domain Classification


KIPS Transactions on Computer and Communication Systems, Vol. 1, No. 1, pp. 55-60, Oct. 2012
10.3745/KTCCS.2012.1.1.55,   PDF Download:

Abstract

Recent botnets are widely using the DNS services at the connection of C&C server in order to evade botnet’s detection. It is necessary to study on DNS analysis in order to counteract anomaly-based technique using the DNS. This paper studies collection of DNS traffic for experimental data and supervised learning for DNS traffic-based malicious domain classification such as query of domain name corresponding to C&C server from zombies. Especially, this paper would aim to determine significant features of DNS-based classification system for malicious domain extraction by the Principal Component Analysis(PCA).


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
, "Feature Selection with PCA based on DNS Query for Malicious Domain Classification," KIPS Transactions on Computer and Communication Systems, vol. 1, no. 1, pp. 55-60, 2012. DOI: 10.3745/KTCCS.2012.1.1.55.

[ACM Style]
. 2012. Feature Selection with PCA based on DNS Query for Malicious Domain Classification. KIPS Transactions on Computer and Communication Systems, 1, 1, (2012), 55-60. DOI: 10.3745/KTCCS.2012.1.1.55.