{"id":"https://openalex.org/W2620022311","doi":"https://doi.org/10.1145/3057109.3057112","title":"DGASensor","display_name":"DGASensor","publication_year":2017,"publication_date":"2017-02-20","ids":{"openalex":"https://openalex.org/W2620022311","doi":"https://doi.org/10.1145/3057109.3057112","mag":"2620022311"},"language":"en","primary_location":{"id":"doi:10.1145/3057109.3057112","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3057109.3057112","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th International Conference on Communications and Broadband Networking","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101981612","display_name":"Xi Luo","orcid":"https://orcid.org/0000-0002-4677-9430"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xi Luo","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058722770","display_name":"Liming Wang","orcid":"https://orcid.org/0000-0002-5562-8386"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Liming Wang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083915362","display_name":"Zhen Xu","orcid":"https://orcid.org/0000-0001-7011-3236"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhen Xu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032694211","display_name":"Jing Yang","orcid":"https://orcid.org/0000-0001-9218-6954"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jing Yang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101835836","display_name":"Mo Sun","orcid":"https://orcid.org/0009-0000-7467-6490"},"institutions":[{"id":"https://openalex.org/I4210098582","display_name":"ZTE (China)","ror":"https://ror.org/00rjhhq63","country_code":"CN","type":"company","lineage":["https://openalex.org/I4210098582"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mo Sun","raw_affiliation_strings":["Zhongxing Telecommunications, Equipment Corporation, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Zhongxing Telecommunications, Equipment Corporation, Nanjing, China","institution_ids":["https://openalex.org/I4210098582"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100378538","display_name":"Jing Wang","orcid":"https://orcid.org/0000-0002-5519-9016"},"institutions":[{"id":"https://openalex.org/I4210098582","display_name":"ZTE (China)","ror":"https://ror.org/00rjhhq63","country_code":"CN","type":"company","lineage":["https://openalex.org/I4210098582"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jing Wang","raw_affiliation_strings":["Zhongxing Telecommunications, Equipment Corporation, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Zhongxing Telecommunications, Equipment Corporation, Nanjing, China","institution_ids":["https://openalex.org/I4210098582"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5101981612"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404"],"apc_list":null,"apc_paid":null,"fwci":2.2792,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.89715803,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"47","last_page":"53"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.809687614440918},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.6776040196418762},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6257340908050537},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.48401305079460144},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.48027658462524414},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.44845741987228394},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.32349279522895813},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13789090514183044},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.09642136096954346}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.809687614440918},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.6776040196418762},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6257340908050537},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.48401305079460144},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.48027658462524414},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.44845741987228394},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.32349279522895813},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13789090514183044},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.09642136096954346}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3057109.3057112","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3057109.3057112","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th International Conference on Communications and Broadband Networking","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.46000000834465027}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W17316494","https://openalex.org/W196740607","https://openalex.org/W273955616","https://openalex.org/W1561983441","https://openalex.org/W1954903228","https://openalex.org/W1983776999","https://openalex.org/W2007343513","https://openalex.org/W2064274762","https://openalex.org/W2082550445","https://openalex.org/W2136495567","https://openalex.org/W2164348526","https://openalex.org/W2239778906"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W2938399969","https://openalex.org/W3143747655","https://openalex.org/W2002178493","https://openalex.org/W2901835651","https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964"],"abstract_inverted_index":{"DNS":[0,224,230],"protocol":[1],"has":[2,22],"been":[3,23,38],"used":[4,148,155,233],"by":[5,25,101,184],"many":[6],"malwares":[7,27,99,265],"for":[8,40,53,75],"command-and-control":[9],"(C&C).":[10],"To":[11],"improve":[12],"the":[13,63,114,118,139,197,210,267],"resiliency":[14],"of":[15,58,65,117,173,221,239,264],"C&C":[16],"communication,":[17],"Domain":[18],"Generation":[19],"Algorithm":[20],"(DGA)":[21],"utilized":[24],"recent":[26],"such":[28,45],"as":[29],"Locky,":[30],"Conficker":[31],"and":[32,68,127,135,145,152,179,206,257],"Zeus.":[33],"Many":[34],"detection":[35,47],"systems":[36],"have":[37],"introduced":[39],"DGA-based":[41,82,98],"botnets":[42,46],"detection.":[43],"However,":[44],"approaches":[48],"suffer":[49],"from":[50,159,176,227],"several":[51],"limitations,":[52],"instance,":[54],"requiring":[55],"a":[56,87,103,160,169,180,191,203,219,228,262],"group":[57],"DGA":[59,105,181,248],"domains,":[60],"period":[61],"behaviors,":[62],"presence":[64],"multiple":[66],"bots,":[67],"so":[69],"forth.":[70],"It":[71],"is":[72,232,258],"very":[73],"hard":[74],"them":[76],"to":[77,96,156,195,234,260],"detect":[78,97],"an":[79,272],"individually":[80],"running":[81],"malware":[83],"which":[84],"leave":[85],"only":[86],"few":[88],"traces.":[89],"In":[90],"this":[91],"paper,":[92],"we":[93,164,189],"develop":[94],"DGASensor":[95,111,246],"immediately":[100],"identifying":[102],"single":[104,161],"domain":[106],"using":[107,168,209],"lexical":[108,115],"evidence.":[109],"First,":[110],"automatically":[112],"analyzes":[113],"patterns":[116],"most":[119],"popular":[120],"domains":[121,174,249],"listed":[122],"in":[123,253,266],"Alexa":[124,177],"top":[125],"100,000,":[126],"then":[128],"extracts":[129],"two":[130,141],"templates,":[131,142],"namely":[132],"distribution":[133],"template":[134],"structure":[136],"template.":[137],"Second,":[138],"above":[140,211],"pronounceable":[143],"attributes,":[144],"some":[146],"frequently":[147],"properties":[149],"like":[150],"entropy":[151],"length,":[153],"are":[154],"extract":[157],"features":[158],"domain.":[162],"Third,":[163],"train":[165],"our":[166,240,254],"classifier":[167],"non-DGA":[170],"dataset":[171,182,213,256,270],"consisting":[172],"obtained":[175],"rank":[178],"generated":[183],"known":[185],"DGAs.":[186],"At":[187],"last,":[188],"provide":[190],"short":[192],"word":[193],"filter":[194],"decrease":[196],"false":[198],"positive":[199],"rate.":[200],"We":[201],"implement":[202],"prototype":[204],"system":[205],"evaluate":[207],"it":[208],"training":[212,255],"with":[214,250,271],"10-fold":[215],"cross":[216],"validation.":[217],"Moreover,":[218],"set":[220],"real":[222,236,268],"world":[223,237,269],"traffic":[225],"collected":[226],"recursive":[229],"server":[231],"measure":[235],"performance":[238],"system.":[241],"The":[242],"results":[243],"show":[244],"that":[245],"detects":[247],"accuracy":[251],"93%":[252],"able":[259],"identify":[261],"variety":[263],"extremely":[273],"high":[274],"processing":[275],"capability.":[276]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2017-06-05T00:00:00"}