View article

[PDF] from usenix.org

Detecting malware domains at the upper {DNS} hierarchy

Authors

Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou II, David Dagon

Publication date

2011

Conference

20th USENIX Security Symposium (USENIX Security 11)

Description

In recent years Internet miscreants have been leveraging the DNS to build malicious network infrastructures for malware command and control. In this paper we propose a novel detection system called Kopis for detecting malware-related domain names. Kopis passively monitors DNS traffic at the upper levels of the DNS hierarchy, and is able to accurately detect malware domains by analyzing global DNS query resolution patterns.

Total citations

Cited by 426

201120122013201420152016201720182019202020212022202320245 16 35 35 36 50 45 47 27 47 33 22 10 11

Scholar articles

Detecting malware domains at the upper {DNS} hierarchy

M Antonakakis, R Perdisci, W Lee, N Vasiloglou II… - 20th USENIX Security Symposium (USENIX Security …, 2011