This is an algorithm to detect and isolate likely fake, randomly generated domain names, which are commonly used by ransomware operators and other intruders to reach computers connected to the internet. The algorithms most often used to generate such random domain names are collectively called Domain Generation Algorithms, or DGA. The present study demonstrates that DGA-generated domains exhibit clearly noticeable statistical differences from real domain names. We established this using two datasets: one provided by the Internet portal Alexa, which has one million real domains, and the freely available repository of J. Selvi (Selvi, 2019), which has 32000 DGA domain names. Our results show an accuracy of 98% for the correct detection of DGA domains, making the method a reliable tool for immediately detecting malicious domain names.
Figure: Relative entropy values of DGA and non-DGA domains
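To illustrate the kind of statistical difference the abstract and figure refer to, the following added example (not the study's own code) scores a domain by the relative entropy of its character distribution against a benign baseline. The unigram model, the add-one smoothing, the small constructed baseline list standing in for the Alexa data, the sample domains and the 2.6-bit threshold are all assumptions made for this sketch.

```python
import math
from collections import Counter

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789-"

# Constructed stand-in for a benign corpus such as the Alexa list (assumption).
BENIGN_LABELS = [
    "google", "youtube", "facebook", "wikipedia", "amazon", "twitter",
    "instagram", "linkedin", "microsoft", "netflix", "reddit", "apple",
    "yahoo", "office", "github", "stackoverflow", "wordpress", "adobe",
    "dropbox", "paypal",
]

def baseline(labels):
    """Character distribution Q of benign labels, with add-one smoothing
    so that characters never seen in the corpus still get non-zero mass."""
    counts = Counter(c for label in labels for c in label if c in ALPHABET)
    total = sum(counts.values()) + len(ALPHABET)
    return {c: (counts[c] + 1) / total for c in ALPHABET}

def relative_entropy(domain, q):
    """D(P || Q) in bits, where P is the character distribution of the
    domain with its last label (the TLD) removed."""
    name = domain.lower().rsplit(".", 1)[0]
    chars = [c for c in name if c in ALPHABET]
    if not chars:
        raise ValueError("no scorable characters in %r" % domain)
    n = len(chars)
    return sum((k / n) * math.log2((k / n) / q[c])
               for c, k in Counter(chars).items())

Q = baseline(BENIGN_LABELS)
THRESHOLD = 2.6  # assumption: tuned by eye for this toy baseline only

def is_suspicious(domain, q=Q, threshold=THRESHOLD):
    """Flag a domain whose characters diverge strongly from the baseline."""
    return relative_entropy(domain, q) > threshold

if __name__ == "__main__":
    # Constructed sample inputs: two real-looking names, one DGA-like string.
    for d in ("mozilla.org", "wikipedia.org", "xq7zvkj3wpq9zx.net"):
        print(f"{d:22s} {relative_entropy(d, Q):.3f} bits  "
              f"suspicious={is_suspicious(d)}")
```

Relative entropy computed on a single short name is sensitive to its length, so a threshold has to be calibrated on labelled data rather than reused from this sketch.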