Detecting Malicious Domains: A Review

Volume 18, Issue 2, 2024

Author(s):

Samar Abbas Mangi* Shah Abdul Latif University Khairpur, Pakistan, mangisamar@gmail.com

Samina Rajper Shah Abdul Latif University Khairpur, Pakistan, samina.rajper@salu.edu.pk

Noor Ahmed Shaikh Shah Abdul Latif University Khairpur, Pakistan, noor.shaikh@salu.edu.pk

Nizamuddin Maitlo IBA – Institute of Emerging Technologies Khairpur, Pakistan, nizamuddin.cs@iba-suk.edu.pk

Asad Hameed Soomro Benazir Bhutto Shaheed University of Technology & Skill Development, Pakistan, asad.oomro31@yahoo.Com

Waseem Ahmed Buriro Sukkur IBA University Sukkur, Pakistan, burirowaseemahmed@gmail.com

Abstract Malicious domain names are an important and worrying indicator of cyberattacks and can pose serious risks to your privacy and property. Unwary Internet users can obtain malicious services from these domains, including spam servers, phishing sites, and command and control (C&C) servers. Therefore, developing efficient algorithms to identify tumor regions has attracted much attention and interest. Data sources and implementation strategies used by current detection technologies vary widely. In this study, we performed a comprehensive retrospective analysis of these methods and divided the data into DNS data and DGA data. Researchers must use appropriate detection techniques that match the unique characteristics of the data, because different data sources provide different data models and carry different information. Therefore, the detection method is divided into four types. For each method, we describe a general detection framework that defines the main steps and processes involved. In addition, we provide insight into the future potential of research on malicious domain detection. By examining existing methods for detecting and identifying vulnerabilities, this document contributes to the fight against the ever-changing threat of malicious domains, ultimately improving the security of Internet users worldwide.
Keywords Malicious domain, cyberattacks, phishing sites, efficient algorithms, detection technologies, Domain Name System.
Year 2024
Volume 18
Issue 2
Type Research paper, manuscript, article
Journal Name Journal of Information & Communication Technology
Publisher Name ILMA University
Jel Classification -
DOI -
ISSN no (E, Electronic) 2075-7239
ISSN no (P, Print) 2415-0169
Country Pakistan
City Karachi
Institution Type University
Journal Type Open Access
Manuscript Processing Blind Peer Reviewed
Format PDF
Paper Link https://jict.ilmauniversity.edu.pk/journal/jict/18.2/5.pdf
Page 31-37