Related papers: Ensemble-based Feature Selection and Classification Model for DNS Typo-squatting Detection

Ensemble-based Feature Selection and Classification Model for DNS Typo-squatting Detection

URL: http://arxiv.org/abs/2006.09272v1
Date: Mon, 8 Jun 2020 14:07:19 GMT
Title: Ensemble-based Feature Selection and Classification Model for DNS Typo-squatting Detection
Authors: Abdallah Moubayed and Emad Aqeeli and Abdallah Shami
Abstract summary: Typo-squatting refers to the registration of a domain name that is extremely similar to that of an existing popular brand. This paper proposes an ensemble-based feature selection and bagging classification model to detect DNS typo-squatting attack.
Score: 5.785697934050654
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Domain Name System (DNS) plays in important role in the current IP-based Internet architecture. This is because it performs the domain name to IP resolution. However, the DNS protocol has several security vulnerabilities due to the lack of data integrity and origin authentication within it. This paper focuses on one particular security vulnerability, namely typo-squatting. Typo-squatting refers to the registration of a domain name that is extremely similar to that of an existing popular brand with the goal of redirecting users to malicious/suspicious websites. The danger of typo-squatting is that it can lead to information threat, corporate secret leakage, and can facilitate fraud. This paper builds on our previous work in [1], which only proposed majority-voting based classifier, by proposing an ensemble-based feature selection and bagging classification model to detect DNS typo-squatting attack. Experimental results show that the proposed framework achieves high accuracy and precision in identifying the malicious/suspicious typo-squatting domains (a loss of at most 1.5% in accuracy and 5% in precision when compared to the model that used the complete feature set) while having a lower computational complexity due to the smaller feature set (a reduction of more than 50% in feature set size).

Related papers

Evaluating the Robustness of Deep-Learning Algorithm-Selection Models by Evolving Adversarial Instances [0.16874375111244325]
Deep convolutional networks (DNN) are increasingly being used to perform algorithm-selection in neural domains. adversarial samples are successfully generated from up to 56% of the original instances depending on the dataset. We use an evolutionary algorithm (EA) to find perturbations of instances from two existing benchmarks for online bin packing that cause trained DRNs to misclassify.
arXiv Detail & Related papers (2024-06-24T12:48:44Z)
ProxyMix: Proxy-based Mixup Training with Label Refinery for Source-Free Domain Adaptation [73.14508297140652]
Unsupervised domain adaptation (UDA) aims to transfer knowledge from a labeled source domain to an unlabeled target domain. We propose an effective method named Proxy-based Mixup training with label refinery ( ProxyMix) Experiments on three 2D image and one 3D point cloud object recognition benchmarks demonstrate that ProxyMix yields state-of-the-art performance for source-free UDA tasks.
arXiv Detail & Related papers (2022-05-29T03:45:00Z)
Low-confidence Samples Matter for Domain Adaptation [47.552605279925736]
Domain adaptation (DA) aims to transfer knowledge from a label-rich source domain to a related but label-scarce target domain. We propose a novel contrastive learning method by processing low-confidence samples. We evaluate the proposed method in both unsupervised and semi-supervised DA settings.
arXiv Detail & Related papers (2022-02-06T15:45:45Z)
Attentive Prototypes for Source-free Unsupervised Domain Adaptive 3D Object Detection [85.11649974840758]
3D object detection networks tend to be biased towards the data they are trained on. We propose a single-frame approach for source-free, unsupervised domain adaptation of lidar-based 3D object detectors.
arXiv Detail & Related papers (2021-11-30T18:42:42Z)
Uncertainty-aware Clustering for Unsupervised Domain Adaptive Object Re-identification [123.75412386783904]
State-of-the-art object Re-ID approaches adopt clustering algorithms to generate pseudo-labels for the unlabeled target domain. We propose an uncertainty-aware clustering framework (UCF) for UDA tasks. Our UCF method consistently achieves state-of-the-art performance in multiple UDA tasks for object Re-ID.
arXiv Detail & Related papers (2021-08-22T09:57:14Z)
Prototypical Cross-domain Self-supervised Learning for Few-shot Unsupervised Domain Adaptation [91.58443042554903]
We propose an end-to-end Prototypical Cross-domain Self-Supervised Learning (PCS) framework for Few-shot Unsupervised Domain Adaptation (FUDA) PCS not only performs cross-domain low-level feature alignment, but it also encodes and aligns semantic structures in the shared embedding space across domains. Compared with state-of-the-art methods, PCS improves the mean classification accuracy over different domain pairs on FUDA by 10.5%, 3.5%, 9.0%, and 13.2% on Office, Office-Home, VisDA-2017, and DomainNet, respectively.
arXiv Detail & Related papers (2021-03-31T02:07:42Z)
DNS Typo-squatting Domain Detection: A Data Analytics & Machine Learning Based Approach [9.006364242523249]
Domain Name System (DNS) is a crucial component of current IP-based networks as it is the standard mechanism for name to IP resolution. Detecting this attack is particularly important as it can be a threat to corporate secrets and can be used to steal information or commit fraud. In this paper, a machine learning-based approach is proposed to tackle the typosquatting vulnerability.
arXiv Detail & Related papers (2020-12-25T16:51:30Z)
Optimized Random Forest Model for Botnet Detection Based on DNS Queries [8.641714871787595]
Domain Name System (DNS) protocol has several security vulnerabilities. One promising solution to detect DNS-based botnet attacks is adopting machine learning (ML) based solutions. This paper proposes a novel optimized ML-based framework to detect botnets based on their corresponding DNS queries.
arXiv Detail & Related papers (2020-12-16T16:34:11Z)
Cross-domain Detection via Graph-induced Prototype Alignment [114.8952035552862]
We propose a Graph-induced Prototype Alignment (GPA) framework to seek for category-level domain alignment. In addition, in order to alleviate the negative effect of class-imbalance on domain adaptation, we design a Class-reweighted Contrastive Loss. Our approach outperforms existing methods with a remarkable margin.
arXiv Detail & Related papers (2020-03-28T17:46:55Z)

This list is automatically generated from the titles and abstracts of the papers in this site.