Analyzing the availability of fast-flux based service network under countermeasures

2010 ◽  
Author(s):  
Xiao Wang ◽  
Jinqiao Shi ◽  
Longtao He ◽  
Li Guo ◽  
Qingfeng Tan
Keyword(s):  
Service Network ◽  
Fast Flux

scholarly journals Fast Flux Service Network Detection via Data Mining on Passive DNS Traffic

2018 ◽  
pp. 463-480 ◽  
Author(s):  
Pierangelo Lombardo ◽  
Salvatore Saeli ◽  
Federica Bisio ◽  
Davide Bernardi ◽  
Danilo Massa
Keyword(s):  
Data Mining ◽  
Service Network ◽  
Fast Flux

scholarly journals A Multi-Stage Detection Technique for DNS-Tunneled Botnets

10.29007/c4wj ◽  
2019 ◽  
Author(s):  
Tirthankar Ghosh ◽  
Eman El-Sheikh ◽  
Wasseem Jammal
Keyword(s):  
Network Protocols ◽  
Detection Methods ◽  
Service Network ◽  
Signature Matching ◽  
Multi Stage ◽  
Detection Approach ◽  
Matching Technique ◽  
Fast Flux ◽  
Security Monitor ◽  
Domain Name Service

Botnet communications are obfuscated within legitimate network protocols to avoid detection and remediation. Domain Name Service (DNS) is a protocol of choice to hide communication with Command & Control (C&C) servers, where botmasters tunnel these communications within DNS request and response. Since botnet communications are characterized by different features, botmasters may evade detection methods by modifying some of these features. This paper proposes a multi-staged detection approach for Domain Generation Algorithm (DGA) using domain fluxing, Fast Flux Service Network (FFSN), and encrypted DNS tunneled-based botnets using BRO Network Security Monitor. This approach is able to detect DNS-tunneled botnet communications by analyzing different techniques used to find C&C servers, and also using signature matching technique to detect DNS-tunneled SSH handshake between bots and C&C servers.

Botnet Attack Detection Using A Hybrid Supervised Fast-Flux Killer System

2021 ◽  
Author(s):  
Ahmad Al-Nawasrah ◽  
Ammar Almomani ◽  
Huthaifa A. Al_Issa ◽  
Khalid Alissa ◽  
Ayat Alrosan ◽  
...  
Keyword(s):  
Classification Performance ◽  
Attack Detection ◽  
Service Network ◽  
Domain Name ◽  
Data Set ◽  
System Method ◽  
Public Data ◽  
Killer System ◽  
Fast Flux ◽  
Two Stages

A Fast Flux Service Network (FFSN) domain name system method is a technique used on botnet that bot herders used to support malicious botnet actions to rapidly change the domain name IP addresses and to increase the life of malicious servers. While several methods for the detection of FFSN domains are suggested, they are still suffering from relatively low accuracy with the zero-day domain in particular. Throughout the current research, a system that’s deemed new is proposed. The latter system is called (the Fast Flux Killer System) and is abbreviated as (FFKS)). It allows one to have the FF-Domains “zero-day”, via a deployment built on (ADeSNN). It is a hybrid, which consists of two stages. The online phase according to the learning outcomes from the offline phase works on detecting the zero-day domains while the offline phase helps in enhancing the classification performance of the system in the online phase. This system will be compared to a previously published work that was based on a supervised detection method using the same ADeSNN algorithm to have the FFSNs domains detected, also to show better performance in detecting malicious domains. A public data set for the impacts of the hybrid ADeSNN algorithm is employed in the experiment. When hybrid ADeSNN was used over the supervised one, the experiments showed better accuracy. The detection of zero-day fast-flux domains is highly accurate (99.54%) in a mode considered as an online one.

Ontology-based service network platform and its construction method

2010 ◽  
Vol 30 (8) ◽  
pp. 2170-2172
Author(s):  
Hui WANG ◽  
Zhi-yong FENG ◽  
Ju CHEN ◽  
Shi-zhan CHEN
Keyword(s):  
Construction Method ◽  
Service Network ◽  
Network Platform

Features of the Harvesting and Logging Equipment Market in Russia

2020 ◽  
pp. 132-147
Author(s):  
M.A. Piskunov ◽  
Keyword(s):  
Information Technologies ◽  
Import Substitution ◽  
Road Construction ◽  
Forest Sector ◽  
Specific Information ◽  
Service Network ◽  
Russian Market ◽  
The Road ◽  
Foreign Companies ◽  
Transnational Companies

Russian forest sector forms an attractive market for harvesting and logging equipment, however the position of Russian manufacturers is extremely weak. A brief overview of the current state of the market is presented with reference to the open sources. Its features are mentioned as compared to the road construction and agricultural machinery sectors. Three transnational companies dominate the Russian market of harvesting and logging equipment: John Deere, Ponsse and Komatsu. Most of the purchased equipment falls on machines for cut-tolength technology, such as harvester and forwarder. The market volume of new machines is estimated at 330–420 forwarders, 165–300 harvesters, about 30–40 feller bunchers and the same number of skidders. There were two waves in the consolidation of the position of foreign companies in Russia. The first was connected with the delivery of equipment and the development of foreign brands in Russia against the background of still high-profile positions of Russian manufacturers in the market. The second is the takeover of enterprises having a service network and reputation by diversified transnational corporations. The main strategies of the leading companies in the current situation are the export of equipment to Russia and the development of a service network. Companies do not turn to another level associated with the opening of production sites or joint ventures for the production of harvesting and logging machines. The Russian market is characterized by the absence of a strong Russian manufacturer of harvesting and logging machines, which is ready to significantly influence or actively participate in the processes of import substitution. The position of such a manufacturer is gradually occupied by the Belarusian Amkodor Holding. The purchase of new harvesting and logging machines can afford major timber companies. The main production sites of harvesting and logging machines are located in Finland, Sweden, USA, and Canada. In order to support forestry machine engineering, in addition to economic measures of stimulation approved in other sectors, it is proposed: to organize the work of scientific forest engineering centers on the base of public-private partnership with the financial support from the major vertically-integrated timber corporate groups; to stimulate the development of Russian sector-specific information technologies for harvesting and logging; to initiate the partnership with companies from the People’s Republic of China to launch the design and production of new-generation harvesting and logging machines.

Sign in / Sign up

Export Citation Format

Share Document