Feature Selection with PCA based on DNS Query for Malicious Domain Classification

Feature Selection with PCA based on DNS Query for Malicious Domain Classification

KIPS Transactions on Computer and Communication Systems, Vol. 1, No. 1, pp. 55-60, Oct. 2012

10.3745/KTCCS.2012.1.1.55, PDF Download:

Abstract

Recent botnets are widely using the DNS services at the connection of C&C server in order to evade botnet’s detection. It is necessary to study on DNS analysis in order to counteract anomaly-based technique using the DNS. This paper studies collection of DNS traffic for experimental data and supervised learning for DNS traffic-based malicious domain classification such as query of domain name corresponding to C&C server from zombies. Especially, this paper would aim to determine significant features of DNS-based classification system for malicious domain extraction by the Principal Component Analysis(PCA).

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

, "Feature Selection with PCA based on DNS Query for Malicious Domain Classification," KIPS Transactions on Computer and Communication Systems, vol. 1, no. 1, pp. 55-60, 2012. DOI: 10.3745/KTCCS.2012.1.1.55.

[ACM Style]

. 2012. Feature Selection with PCA based on DNS Query for Malicious Domain Classification. KIPS Transactions on Computer and Communication Systems, 1, 1, (2012), 55-60. DOI: 10.3745/KTCCS.2012.1.1.55.