{"id":"https://openalex.org/W4402957797","doi":"https://doi.org/10.1145/3678890.3678913","title":"Down to earth! Guidelines for DGA-based Malware Detection","display_name":"Down to earth! Guidelines for DGA-based Malware Detection","publication_year":2024,"publication_date":"2024-09-29","ids":{"openalex":"https://openalex.org/W4402957797","doi":"https://doi.org/10.1145/3678890.3678913"},"language":"en","primary_location":{"id":"doi:10.1145/3678890.3678913","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678913","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3678890.3678913","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107589746","display_name":"Bogdan Constantin Cebere","orcid":"https://orcid.org/0000-0003-3120-3292"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Bogdan Constantin Cebere","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Germany"],"raw_orcid":"https://orcid.org/0000-0003-3120-3292","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107629127","display_name":"Jonathan Lasse Bennet Flueren","orcid":null},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jonathan Lasse Bennet Flueren","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Germany"],"raw_orcid":"https://orcid.org/0009-0007-3069-6714","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086083165","display_name":"Silvia Sebasti\u00e1n","orcid":"https://orcid.org/0000-0001-7675-0535"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Silvia Sebasti\u00e1n","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Spain"],"raw_orcid":"https://orcid.org/0000-0001-7675-0535","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Spain","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003704061","display_name":"Daniel Plohmann","orcid":null},"institutions":[{"id":"https://openalex.org/I4210166245","display_name":"Fraunhofer Institute for Communication, Information Processing and Ergonomics","ror":"https://ror.org/05nn0gw40","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210166245","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Daniel Plohmann","raw_affiliation_strings":["Fraunhofer FKIE, Germany"],"raw_orcid":"https://orcid.org/0009-0006-9788-4376","affiliations":[{"raw_affiliation_string":"Fraunhofer FKIE, Germany","institution_ids":["https://openalex.org/I4210166245"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033589837","display_name":"Christian Rossow","orcid":"https://orcid.org/0000-0003-2470-8444"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christian Rossow","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Germany"],"raw_orcid":"https://orcid.org/0000-0003-2470-8444","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Germany","institution_ids":["https://openalex.org/I4210128801"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5107589746"],"corresponding_institution_ids":["https://openalex.org/I4210128801"],"apc_list":null,"apc_paid":null,"fwci":1.6441,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.84806234,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"147","last_page":"165"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7733405828475952},{"id":"https://openalex.org/keywords/earth","display_name":"Earth (classical element)","score":0.6087103486061096},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5864273309707642},{"id":"https://openalex.org/keywords/remote-sensing","display_name":"Remote sensing","score":0.35540342330932617},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3457299470901489},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.17833921313285828},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.06852734088897705},{"id":"https://openalex.org/keywords/astronomy","display_name":"Astronomy","score":0.059608280658721924}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7733405828475952},{"id":"https://openalex.org/C26148502","wikidata":"https://www.wikidata.org/wiki/Q2488752","display_name":"Earth (classical element)","level":2,"score":0.6087103486061096},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5864273309707642},{"id":"https://openalex.org/C62649853","wikidata":"https://www.wikidata.org/wiki/Q199687","display_name":"Remote sensing","level":1,"score":0.35540342330932617},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3457299470901489},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.17833921313285828},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.06852734088897705},{"id":"https://openalex.org/C1276947","wikidata":"https://www.wikidata.org/wiki/Q333","display_name":"Astronomy","level":1,"score":0.059608280658721924}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/3678890.3678913","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678913","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/26326132","is_oa":true,"landing_page_url":"https://figshare.com/articles/preprint/Down_to_earth_Guidelines_for_DGA-based_Malware_Detection/26326132","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"pmh:oai:publica.fraunhofer.de:publica/487823","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/487823","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"},{"id":"doi:10.60882/cispa.26326132.v1","is_oa":true,"landing_page_url":"https://doi.org/10.60882/cispa.26326132.v1","pdf_url":null,"source":{"id":"https://openalex.org/S7407050916","display_name":"CISPA Helmholtz Center","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1145/3678890.3678913","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678913","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":78,"referenced_works":["https://openalex.org/W17316494","https://openalex.org/W1593532658","https://openalex.org/W1595868485","https://openalex.org/W1748932423","https://openalex.org/W1775772884","https://openalex.org/W1976866799","https://openalex.org/W2002011878","https://openalex.org/W2015861736","https://openalex.org/W2082550445","https://openalex.org/W2083183119","https://openalex.org/W2088252378","https://openalex.org/W2135471293","https://openalex.org/W2137345105","https://openalex.org/W2194775991","https://openalex.org/W2295598076","https://openalex.org/W2528500008","https://openalex.org/W2528572867","https://openalex.org/W2581205139","https://openalex.org/W2588126298","https://openalex.org/W2728121559","https://openalex.org/W2742673065","https://openalex.org/W2752533296","https://openalex.org/W2768793959","https://openalex.org/W2773625629","https://openalex.org/W2773671123","https://openalex.org/W2786906486","https://openalex.org/W2900892325","https://openalex.org/W2903950532","https://openalex.org/W2912464539","https://openalex.org/W2914500721","https://openalex.org/W2941262352","https://openalex.org/W2942650110","https://openalex.org/W2954590176","https://openalex.org/W2962836923","https://openalex.org/W2968390691","https://openalex.org/W2971890500","https://openalex.org/W2994857929","https://openalex.org/W2995774794","https://openalex.org/W3014018380","https://openalex.org/W3019675698","https://openalex.org/W3020685193","https://openalex.org/W3036942035","https://openalex.org/W3046395559","https://openalex.org/W3085382268","https://openalex.org/W3093481824","https://openalex.org/W3094099251","https://openalex.org/W3094514336","https://openalex.org/W3099911231","https://openalex.org/W3103331180","https://openalex.org/W3110537338","https://openalex.org/W3112486745","https://openalex.org/W3120836831","https://openalex.org/W3126690668","https://openalex.org/W3131488785","https://openalex.org/W3133309708","https://openalex.org/W3139210187","https://openalex.org/W3157122743","https://openalex.org/W3159853536","https://openalex.org/W3173684417","https://openalex.org/W3184109516","https://openalex.org/W3195826529","https://openalex.org/W3198971113","https://openalex.org/W3211761109","https://openalex.org/W4200215038","https://openalex.org/W4225070666","https://openalex.org/W4281856661","https://openalex.org/W4285120399","https://openalex.org/W4288079986","https://openalex.org/W4293192745","https://openalex.org/W4294672375","https://openalex.org/W4295854586","https://openalex.org/W4318275388","https://openalex.org/W4380686105","https://openalex.org/W4383753505","https://openalex.org/W4383989173","https://openalex.org/W4385624023","https://openalex.org/W4386145020","https://openalex.org/W6743493502"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819","https://openalex.org/W2249809453"],"abstract_inverted_index":{"Successful":[0],"malware":[1],"campaigns":[2],"rely":[3],"on":[4,42],"Command-and-Control":[5],"(C2)":[6],"infrastructure,":[7],"enabling":[8],"attackers":[9,27],"to":[10,17,23,70],"extract":[11],"sensitive":[12],"data":[13],"and":[14,60],"give":[15],"instructions":[16],"bots.":[18],"As":[19],"a":[20],"resilient":[21],"mechanism":[22],"obtain":[24],"C2":[25,37],"endpoints,":[26],"can":[28],"employ":[29],"Domain":[30],"Generation":[31],"Algorithms":[32],"(DGAs),":[33],"which":[34],"automatically":[35],"generate":[36],"domains":[38,73],"instead":[39],"of":[40],"relying":[41],"static":[43],"ones.":[44],"Thus,":[45],"researchers":[46],"have":[47],"proposed":[48],"network-level":[49],"detection":[50],"approaches":[51,64],"that":[52],"reveal":[53],"DGA":[54,72],"usage":[55],"by":[56],"differentiating":[57],"between":[58],"non-DGA":[59],"generated":[61],"domains.":[62],"Recent":[63],"train":[65],"machine":[66],"learning":[67],"(ML)":[68],"models":[69],"recognize":[71],"using":[74],"pattern":[75],"recognition":[76],"at":[77],"the":[78],"domain\u2019s":[79],"character":[80],"level.":[81]},"counts_by_year":[{"year":2025,"cited_by_count":5}],"updated_date":"2025-12-21T23:12:01.093139","created_date":"2025-10-10T00:00:00"}