DomainChroma: Providing Optimal Countermeasures against Malicious Domain Names

Daiki Chiba, Mitsuaki Akiyama, Takeshi Yagi, Takeshi Yada, Tatsuya Mori, Shigeki Goto

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    2 Citations (Scopus)

    Abstract

    Domain names and domain name system (DNS) have been used and abused for over 30 years since the 1980s. Although legitimate Internet users rely on domain names as their indispensable infrastructures for using the Internet, attackers use or abuse them as reliable, instantaneous, and distributed attack infrastructure. However, there is a lack of complete understanding of such domain name abuses and the methods for coping with them. In this paper, we design and implement a unified and objective analysis pipeline combining the existing defense solutions to realize practical and optimal defenses against today's malicious domain names. The basic concept underlying our novel analytical approach is malicious domain names' chromatography. Our new analysis pipeline can distinguish among mixtures of malicious domain names for websites. On the basis of this concept, we do not create a hodgepodge of existing solutions but design separation of abused domain names and offer defense information by considering the characteristics of malicious domain names as well as the possible defense solutions and points of defense. Finally, we evaluate our analysis pipeline and output defense information using a large and real dataset to show the effectiveness and validity of our proposed approach.

    Original languageEnglish
    Title of host publicationProceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017
    PublisherIEEE Computer Society
    Pages643-648
    Number of pages6
    Volume1
    ISBN (Electronic)9781538603673
    DOIs
    Publication statusPublished - 2017 Sep 7
    Event41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017 - Torino, Italy
    Duration: 2017 Jul 42017 Jul 8

    Other

    Other41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017
    CountryItaly
    CityTorino
    Period17/7/417/7/8

    Fingerprint

    Pipelines
    Internet
    Chromatography
    Websites

    Keywords

    • blacklists
    • countermeasures
    • DNS
    • domain name

    ASJC Scopus subject areas

    • Software
    • Computer Science Applications

    Cite this

    Chiba, D., Akiyama, M., Yagi, T., Yada, T., Mori, T., & Goto, S. (2017). DomainChroma: Providing Optimal Countermeasures against Malicious Domain Names. In Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017 (Vol. 1, pp. 643-648). [8029671] IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2017.112

    DomainChroma : Providing Optimal Countermeasures against Malicious Domain Names. / Chiba, Daiki; Akiyama, Mitsuaki; Yagi, Takeshi; Yada, Takeshi; Mori, Tatsuya; Goto, Shigeki.

    Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. Vol. 1 IEEE Computer Society, 2017. p. 643-648 8029671.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Chiba, D, Akiyama, M, Yagi, T, Yada, T, Mori, T & Goto, S 2017, DomainChroma: Providing Optimal Countermeasures against Malicious Domain Names. in Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. vol. 1, 8029671, IEEE Computer Society, pp. 643-648, 41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017, Torino, Italy, 17/7/4. https://doi.org/10.1109/COMPSAC.2017.112
    Chiba D, Akiyama M, Yagi T, Yada T, Mori T, Goto S. DomainChroma: Providing Optimal Countermeasures against Malicious Domain Names. In Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. Vol. 1. IEEE Computer Society. 2017. p. 643-648. 8029671 https://doi.org/10.1109/COMPSAC.2017.112
    Chiba, Daiki ; Akiyama, Mitsuaki ; Yagi, Takeshi ; Yada, Takeshi ; Mori, Tatsuya ; Goto, Shigeki. / DomainChroma : Providing Optimal Countermeasures against Malicious Domain Names. Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. Vol. 1 IEEE Computer Society, 2017. pp. 643-648
    @inproceedings{eb2d834cae1f40a3ac722c588263f229,
    title = "DomainChroma: Providing Optimal Countermeasures against Malicious Domain Names",
    abstract = "Domain names and domain name system (DNS) have been used and abused for over 30 years since the 1980s. Although legitimate Internet users rely on domain names as their indispensable infrastructures for using the Internet, attackers use or abuse them as reliable, instantaneous, and distributed attack infrastructure. However, there is a lack of complete understanding of such domain name abuses and the methods for coping with them. In this paper, we design and implement a unified and objective analysis pipeline combining the existing defense solutions to realize practical and optimal defenses against today's malicious domain names. The basic concept underlying our novel analytical approach is malicious domain names' chromatography. Our new analysis pipeline can distinguish among mixtures of malicious domain names for websites. On the basis of this concept, we do not create a hodgepodge of existing solutions but design separation of abused domain names and offer defense information by considering the characteristics of malicious domain names as well as the possible defense solutions and points of defense. Finally, we evaluate our analysis pipeline and output defense information using a large and real dataset to show the effectiveness and validity of our proposed approach.",
    keywords = "blacklists, countermeasures, DNS, domain name",
    author = "Daiki Chiba and Mitsuaki Akiyama and Takeshi Yagi and Takeshi Yada and Tatsuya Mori and Shigeki Goto",
    year = "2017",
    month = "9",
    day = "7",
    doi = "10.1109/COMPSAC.2017.112",
    language = "English",
    volume = "1",
    pages = "643--648",
    booktitle = "Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017",
    publisher = "IEEE Computer Society",
    address = "United States",

    }

    TY - GEN

    T1 - DomainChroma

    T2 - Providing Optimal Countermeasures against Malicious Domain Names

    AU - Chiba, Daiki

    AU - Akiyama, Mitsuaki

    AU - Yagi, Takeshi

    AU - Yada, Takeshi

    AU - Mori, Tatsuya

    AU - Goto, Shigeki

    PY - 2017/9/7

    Y1 - 2017/9/7

    N2 - Domain names and domain name system (DNS) have been used and abused for over 30 years since the 1980s. Although legitimate Internet users rely on domain names as their indispensable infrastructures for using the Internet, attackers use or abuse them as reliable, instantaneous, and distributed attack infrastructure. However, there is a lack of complete understanding of such domain name abuses and the methods for coping with them. In this paper, we design and implement a unified and objective analysis pipeline combining the existing defense solutions to realize practical and optimal defenses against today's malicious domain names. The basic concept underlying our novel analytical approach is malicious domain names' chromatography. Our new analysis pipeline can distinguish among mixtures of malicious domain names for websites. On the basis of this concept, we do not create a hodgepodge of existing solutions but design separation of abused domain names and offer defense information by considering the characteristics of malicious domain names as well as the possible defense solutions and points of defense. Finally, we evaluate our analysis pipeline and output defense information using a large and real dataset to show the effectiveness and validity of our proposed approach.

    AB - Domain names and domain name system (DNS) have been used and abused for over 30 years since the 1980s. Although legitimate Internet users rely on domain names as their indispensable infrastructures for using the Internet, attackers use or abuse them as reliable, instantaneous, and distributed attack infrastructure. However, there is a lack of complete understanding of such domain name abuses and the methods for coping with them. In this paper, we design and implement a unified and objective analysis pipeline combining the existing defense solutions to realize practical and optimal defenses against today's malicious domain names. The basic concept underlying our novel analytical approach is malicious domain names' chromatography. Our new analysis pipeline can distinguish among mixtures of malicious domain names for websites. On the basis of this concept, we do not create a hodgepodge of existing solutions but design separation of abused domain names and offer defense information by considering the characteristics of malicious domain names as well as the possible defense solutions and points of defense. Finally, we evaluate our analysis pipeline and output defense information using a large and real dataset to show the effectiveness and validity of our proposed approach.

    KW - blacklists

    KW - countermeasures

    KW - DNS

    KW - domain name

    UR - http://www.scopus.com/inward/record.url?scp=85031894542&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=85031894542&partnerID=8YFLogxK

    U2 - 10.1109/COMPSAC.2017.112

    DO - 10.1109/COMPSAC.2017.112

    M3 - Conference contribution

    AN - SCOPUS:85031894542

    VL - 1

    SP - 643

    EP - 648

    BT - Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017

    PB - IEEE Computer Society

    ER -