You are here:   
  1. Home
  2. Chapters
  3. http://scigraph.springernature.com/pub.10.1007/978-3-030-69886-7_10

Automatic Generation and Classification of Malicious FQDN View Full Text

Ontology type: schema:Chapter     


Chapter Info

DATE

2021-02-20

AUTHORS

Kenichi Yoshida , Kazunori Fujiwara , Akira Sato , Shuji Sannomiya

ABSTRACT

Due to the increase in spam email and other anti-social behavior (such as the bot net command and control server) on the Internet, Domain Name System (DNS) blacklists (DNSBLs) have been created. These are “blacklists” of malicious hosts on the Internet that are reputed to send spam email and other anti-social behavior. Most email servers can be configured to reject messages that are sent from the hosts on these lists. Because it is difficult to keep up with new malicious hosts created every day, research is required to automate DNSBL generation. To address this problem, the application of machine learning is being studied thoroughly. Deep learning is considered to be a promising approach to classify the malicious host names. This study explores the risks of these approaches by showing a simple domain generation algorithm (DGA). This report shows the importance of attributes that are used rather than machine learning techniques. Researchers in machine learning and knowledge acquisition should focus on attributes that are more important in application fields than techniques when considering the practical applications. More... »

PAGES

120-129

Book

TITLE

Knowledge Management and Acquisition for Intelligent Systems

ISBN

978-3-030-69885-0
978-3-030-69886-7

Subjects

  • FOR: Information And Computing Sciences
  • FOR: Artificial Intelligence And Image Processing

    • Author Affiliations

  • University of Tsukuba, Tsukuba, Japan
  • Japan Registry Services Co., Ltd., Tokyo, Japan

    • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-030-69886-7_10

    DOI

    http://dx.doi.org/10.1007/978-3-030-69886-7_10

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1135466815

    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT 

    [
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "University of Tsukuba, Tsukuba, Japan", 
          "id": "http://www.grid.ac/institutes/grid.20515.33", 
          "name": [
            "University of Tsukuba, Tsukuba, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Yoshida", 
        "givenName": "Kenichi", 
        "id": "sg:person.014317107461.87", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014317107461.87"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Japan Registry Services Co., Ltd., Tokyo, Japan", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Japan Registry Services Co., Ltd., Tokyo, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Fujiwara", 
        "givenName": "Kazunori", 
        "id": "sg:person.015071241307.00", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015071241307.00"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of Tsukuba, Tsukuba, Japan", 
          "id": "http://www.grid.ac/institutes/grid.20515.33", 
          "name": [
            "University of Tsukuba, Tsukuba, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Sato", 
        "givenName": "Akira", 
        "id": "sg:person.0717074353.90", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.0717074353.90"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of Tsukuba, Tsukuba, Japan", 
          "id": "http://www.grid.ac/institutes/grid.20515.33", 
          "name": [
            "University of Tsukuba, Tsukuba, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Sannomiya", 
        "givenName": "Shuji", 
        "id": "sg:person.011146745610.23", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011146745610.23"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2021-02-20", 
    "datePublishedReg": "2021-02-20", 
    "description": "Due to the increase in spam email and other anti-social behavior (such as the bot net command and control server) on the Internet, Domain Name System (DNS) blacklists (DNSBLs) have been created. These are \u201cblacklists\u201d of malicious hosts on the Internet that are reputed to send spam email and other anti-social behavior. Most email servers can be configured to reject messages that are sent from the hosts on these lists. Because it is difficult to keep up with new malicious hosts created every day, research is required to automate DNSBL generation. To address this problem, the application of machine learning is being studied thoroughly. Deep learning is considered to be a promising approach to classify the malicious host names. This study explores the risks of these approaches by showing a simple domain generation algorithm (DGA). This report shows the importance of attributes that are used rather than machine learning techniques. Researchers in machine learning and knowledge acquisition should focus on attributes that are more important in application fields than techniques when considering the practical applications.", 
    "editor": [
      {
        "familyName": "Uehara", 
        "givenName": "Hiroshi", 
        "type": "Person"
      }, 
      {
        "familyName": "Yamaguchi", 
        "givenName": "Takayasu", 
        "type": "Person"
      }, 
      {
        "familyName": "Bai", 
        "givenName": "Quan", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-69886-7_10", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-030-69885-0", 
        "978-3-030-69886-7"
      ], 
      "name": "Knowledge Management and Acquisition for Intelligent Systems", 
      "type": "Book"
    }, 
    "keywords": [
      "Domain Generation Algorithms", 
      "Domain Name System", 
      "malicious hosts", 
      "machine learning", 
      "spam emails", 
      "machine learning techniques", 
      "deep learning", 
      "Name System", 
      "host names", 
      "learning techniques", 
      "automatic generation", 
      "email servers", 
      "generation algorithm", 
      "knowledge acquisition", 
      "importance of attributes", 
      "Internet", 
      "application fields", 
      "learning", 
      "email", 
      "server", 
      "FQDN", 
      "promising approach", 
      "blacklist", 
      "attributes", 
      "practical applications", 
      "algorithm", 
      "applications", 
      "messages", 
      "classification", 
      "technique", 
      "generation", 
      "researchers", 
      "system", 
      "acquisition", 
      "list", 
      "research", 
      "name", 
      "field", 
      "behavior", 
      "host", 
      "anti-social behaviour", 
      "importance", 
      "study", 
      "risk", 
      "report", 
      "increase", 
      "days", 
      "approach", 
      "problem"
    ], 
    "name": "Automatic Generation and Classification of Malicious FQDN", 
    "pagination": "120-129", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1135466815"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-69886-7_10"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-69886-7_10", 
      "https://app.dimensions.ai/details/publication/pub.1135466815"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:48", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_45.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-69886-7_10"
  }
]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON. 

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-69886-7_10'

    N-Triples is a line-based linked data format ideal for batch operations. 

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-69886-7_10'

    Turtle is a human-readable linked data format. 

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-69886-7_10'

    RDF/XML is a standard XML format for linked data. 

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-69886-7_10'


     

    This table displays all metadata directly associated to this object as RDF triples.

    143 TRIPLES      23 PREDICATES      74 URIs      67 LITERALS      7 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-030-69886-7_10 schema:about anzsrc-for:08
    2 anzsrc-for:0801
    3 schema:author N9ed208c7983b493f8be90e2810e8a213
    4 schema:datePublished 2021-02-20
    5 schema:datePublishedReg 2021-02-20
    6 schema:description Due to the increase in spam email and other anti-social behavior (such as the bot net command and control server) on the Internet, Domain Name System (DNS) blacklists (DNSBLs) have been created. These are “blacklists” of malicious hosts on the Internet that are reputed to send spam email and other anti-social behavior. Most email servers can be configured to reject messages that are sent from the hosts on these lists. Because it is difficult to keep up with new malicious hosts created every day, research is required to automate DNSBL generation. To address this problem, the application of machine learning is being studied thoroughly. Deep learning is considered to be a promising approach to classify the malicious host names. This study explores the risks of these approaches by showing a simple domain generation algorithm (DGA). This report shows the importance of attributes that are used rather than machine learning techniques. Researchers in machine learning and knowledge acquisition should focus on attributes that are more important in application fields than techniques when considering the practical applications.
    7 schema:editor Nc1aae171f2d34ba39ec5f461037b810a
    8 schema:genre chapter
    9 schema:inLanguage en
    10 schema:isAccessibleForFree false
    11 schema:isPartOf N7f92a00700a343748eae3ed86a592748
    12 schema:keywords Domain Generation Algorithms
    13 Domain Name System
    14 FQDN
    15 Internet
    16 Name System
    17 acquisition
    18 algorithm
    19 anti-social behaviour
    20 application fields
    21 applications
    22 approach
    23 attributes
    24 automatic generation
    25 behavior
    26 blacklist
    27 classification
    28 days
    29 deep learning
    30 email
    31 email servers
    32 field
    33 generation
    34 generation algorithm
    35 host
    36 host names
    37 importance
    38 importance of attributes
    39 increase
    40 knowledge acquisition
    41 learning
    42 learning techniques
    43 list
    44 machine learning
    45 machine learning techniques
    46 malicious hosts
    47 messages
    48 name
    49 practical applications
    50 problem
    51 promising approach
    52 report
    53 research
    54 researchers
    55 risk
    56 server
    57 spam emails
    58 study
    59 system
    60 technique
    61 schema:name Automatic Generation and Classification of Malicious FQDN
    62 schema:pagination 120-129
    63 schema:productId N2d532f2959a0433bb9d48a896601c7ca
    64 N74b364a8c0f3459698a90364d29d6d81
    65 schema:publisher N584816bc2e7243c5af5d8b3504003a35
    66 schema:sameAs https://app.dimensions.ai/details/publication/pub.1135466815
    67 https://doi.org/10.1007/978-3-030-69886-7_10
    68 schema:sdDatePublished 2022-05-20T07:48
    69 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    70 schema:sdPublisher Ne5c67b570350464da34a0a49dbbe67e5
    71 schema:url https://doi.org/10.1007/978-3-030-69886-7_10
    72 sgo:license sg:explorer/license/
    73 sgo:sdDataset chapters
    74 rdf:type schema:Chapter
    75 N24a754d9b92c4ddbb88f0155ff035cd8 rdf:first sg:person.015071241307.00
    76 rdf:rest N250f49a72d3247f0bec8f9f1672be8e6
    77 N250f49a72d3247f0bec8f9f1672be8e6 rdf:first sg:person.0717074353.90
    78 rdf:rest N6133a8307f834e9e8d853b57480501ab
    79 N2d532f2959a0433bb9d48a896601c7ca schema:name dimensions_id
    80 schema:value pub.1135466815
    81 rdf:type schema:PropertyValue
    82 N4355ba89a1734a07aa7004220430037a schema:familyName Yamaguchi
    83 schema:givenName Takayasu
    84 rdf:type schema:Person
    85 N469995cbf26342ef88efb24eb81e9aae rdf:first Nf2c665f7f2b34c59a386b74cf700e58b
    86 rdf:rest rdf:nil
    87 N584816bc2e7243c5af5d8b3504003a35 schema:name Springer Nature
    88 rdf:type schema:Organisation
    89 N6133a8307f834e9e8d853b57480501ab rdf:first sg:person.011146745610.23
    90 rdf:rest rdf:nil
    91 N74b364a8c0f3459698a90364d29d6d81 schema:name doi
    92 schema:value 10.1007/978-3-030-69886-7_10
    93 rdf:type schema:PropertyValue
    94 N7f92a00700a343748eae3ed86a592748 schema:isbn 978-3-030-69885-0
    95 978-3-030-69886-7
    96 schema:name Knowledge Management and Acquisition for Intelligent Systems
    97 rdf:type schema:Book
    98 N941a8e9b79194b1eae0c1b31ba8fc41b rdf:first N4355ba89a1734a07aa7004220430037a
    99 rdf:rest N469995cbf26342ef88efb24eb81e9aae
    100 N96d726fcd150443daa62ad2c3a985ae5 schema:familyName Uehara
    101 schema:givenName Hiroshi
    102 rdf:type schema:Person
    103 N9ed208c7983b493f8be90e2810e8a213 rdf:first sg:person.014317107461.87
    104 rdf:rest N24a754d9b92c4ddbb88f0155ff035cd8
    105 Nc1aae171f2d34ba39ec5f461037b810a rdf:first N96d726fcd150443daa62ad2c3a985ae5
    106 rdf:rest N941a8e9b79194b1eae0c1b31ba8fc41b
    107 Ne5c67b570350464da34a0a49dbbe67e5 schema:name Springer Nature - SN SciGraph project
    108 rdf:type schema:Organization
    109 Nf2c665f7f2b34c59a386b74cf700e58b schema:familyName Bai
    110 schema:givenName Quan
    111 rdf:type schema:Person
    112 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    113 schema:name Information and Computing Sciences
    114 rdf:type schema:DefinedTerm
    115 anzsrc-for:0801 schema:inDefinedTermSet anzsrc-for:
    116 schema:name Artificial Intelligence and Image Processing
    117 rdf:type schema:DefinedTerm
    118 sg:person.011146745610.23 schema:affiliation grid-institutes:grid.20515.33
    119 schema:familyName Sannomiya
    120 schema:givenName Shuji
    121 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011146745610.23
    122 rdf:type schema:Person
    123 sg:person.014317107461.87 schema:affiliation grid-institutes:grid.20515.33
    124 schema:familyName Yoshida
    125 schema:givenName Kenichi
    126 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014317107461.87
    127 rdf:type schema:Person
    128 sg:person.015071241307.00 schema:affiliation grid-institutes:None
    129 schema:familyName Fujiwara
    130 schema:givenName Kazunori
    131 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015071241307.00
    132 rdf:type schema:Person
    133 sg:person.0717074353.90 schema:affiliation grid-institutes:grid.20515.33
    134 schema:familyName Sato
    135 schema:givenName Akira
    136 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.0717074353.90
    137 rdf:type schema:Person
    138 grid-institutes:None schema:alternateName Japan Registry Services Co., Ltd., Tokyo, Japan
    139 schema:name Japan Registry Services Co., Ltd., Tokyo, Japan
    140 rdf:type schema:Organization
    141 grid-institutes:grid.20515.33 schema:alternateName University of Tsukuba, Tsukuba, Japan
    142 schema:name University of Tsukuba, Tsukuba, Japan
    143 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)

    ...