Improving the Efficiency of a New Malicious Domain Prediction System

Date

2023-05-02

Authors

Arora, Aashish

Abstract

Cybersecurity is a key concern in today’s digital era, and a large number of cyber-attacks are launched every day. Malicious domains are one of the channels through which attacks are launched and malicious artifacts are spread. While many malicious domains are known and blacklisted, a sizable number of new domains registered by cybercriminals are unknown to blacklist maintainers, and as such can be used undetected in ongoing and future hacking campaigns. The Domain Prediction System (DPS) is a prototype malicious domain prediction system developed by one of the industry partners of the ISOT Lab. Starting from a small number of seed blacklisted domains, DPS generates a list of associated registered domains that could become malicious in the future. Predicting malicious domains is a long, laborious process that involves mining and iterating over billions of registered domains. This project focuses on reviewing, evaluating, and improving the performance of the prototype implementation of DPS. The code provided had several efficiency issues and produced inaccurate outputs. This report therefore identifies the problems in the existing code and proposes solutions to improve its performance. Experimental details are presented to demonstrate the effectiveness of these solutions. In addition, a Flask web-based application was developed to host the project and make it easier to use.

Keywords

Malicious domain, Domain prediction
