@inproceedings{jia2021detection,
author = {Jia, Jinyuan and Dong, Zheng and Li, Jie and Stokes, Jay},
title = {Detection of Malicious DNS and Web Servers Using Graph-Based Approaches},
organization = {IEEE},
booktitle = {IEEE International Conference on Acoustics, Speech and Signal Processing},
year = {2021},
month = {June},
abstract = {The DNS hijacking attack represents a significant threat to users. In this type of attack, a malicious DNS server redirects a victim domain to an attacker-controlled web server. Existing defenses are not scalable and have not been widely deployed. In this work, we propose both unsupervised and semi-supervised defenses based on the available knowledge of the defender. Specifically, our unsupervised defense is a graph-based detection approach employing a new variant of the community detection algorithm. When the IP addresses of several compromised DNS servers are available, we also propose a semi-supervised defense for the detection of compromised or malicious web servers which host the web content. We evaluate our defenses on a real-world attack. The experimental results show that our defenses can successfully identify these malicious web servers and/or DNS server IPs. Moreover, we find that a deep learning-based algorithm, i.e., node2vec, outperforms one which employs belief propagation.},
url = {http://approjects.co.za/?big=en-us/research/publication/detection-of-malicious-dns-and-web-servers-using-graph-based-approaches/},
}