2 code implementations • 9 Apr 2024 • Arthur Drichel, Marc Meyer, Ulrike Meyer
In this work, we conduct a comprehensive study on the robustness of domain generation algorithm (DGA) classifiers.
1 code implementation • 10 Jul 2023 • Arthur Drichel, Ulrike Meyer
The problem of revealing botnet activity through Domain Generation Algorithm (DGA) detection seems to be solved, considering that available deep learning classifiers achieve accuracies of over 99.9%.
no code implementations • 30 May 2022 • Arthur Drichel, Justus von Brandt, Ulrike Meyer
While binary classifiers can label domains of yet unknown DGAs as malicious, multiclass classifiers can only assign domains to DGAs that are known at the time of training, limiting the ability to uncover new malware families.
no code implementations • 12 Oct 2021 • Benedikt Holmes, Arthur Drichel, Ulrike Meyer
The goal of Domain Generation Algorithm (DGA) detection is to recognize infections with bot malware and is often done with the help of Machine Learning approaches that classify non-resolving Domain Name System (DNS) traffic and are trained on possibly sensitive data.
no code implementations • 24 Sep 2021 • Arthur Drichel, Benedikt Holmes, Justus von Brandt, Ulrike Meyer
In this paper, we complement the research area of DGA detection by conducting a comprehensive collaborative learning study, including a total of 13,440 evaluation runs.
1 code implementation • 23 Jun 2021 • Arthur Drichel, Vincent Drury, Justus von Brandt, Ulrike Meyer
In this paper, we present a pipeline that facilitates such evaluations by addressing a number of problems when working with CT log data.
1 code implementation • 23 Jun 2021 • Arthur Drichel, Nils Faerber, Ulrike Meyer
Numerous malware families rely on domain generation algorithms (DGAs) to establish a connection to their command and control (C2) server.
no code implementations • 1 Jul 2020 • Arthur Drichel, Ulrike Meyer, Samuel Schüppen, Dominik Teubert
Numerous machine learning classifiers have been proposed for binary classification of domain names as either benign or malicious, and even for multiclass classification to identify the domain generation algorithm (DGA) that generated a specific domain name.
no code implementations • 19 Jun 2020 • Arthur Drichel, Ulrike Meyer, Samuel Schüppen, Dominik Teubert
In this context, we propose one novel classifier based on residual neural networks for each of the two tasks and extensively evaluate them as well as previously proposed classifiers in a unified setting.