Bouwers, P. (2015) A malware detection system using domain name information. Master's Thesis / Essay, Computing Science.
|
Text
master_thesis_pascal_bouwers.pdf - Published Version Download (971kB) | Preview |
|
![[img]](https://fse.studenttheses.ub.rug.nl/style/images/fileicons/text.png) |
Text
toestemming.pdf - Other Restricted to Backend only Download (505kB) |
Abstract
It is a continuous challenge for companies to detect malware infected clients in their network. Cyber-attacks are a constantly growing threat for companies, especially ones that have valuable and critical information that they need to keep confidential. This confidentiality can be breached by malware infected clients in their network, which can lead to both financial as well as reputational damage to the company. In this work we present a network-based malware detection system that is able to detect malware infections inside a network by logging the DNS requests and responses that leave and enter the network. This DNS traffic is used to classify requested domain names as either legitimate or malicious. This allows for the detection of malware infections within a network by identifying hosts that create DNS requests for malicious domain names. The presented system is able to correctly classify 93,66% of the domain names from a test set as either legitimate or malicious. This test set consists of 250.000 legitimate domain names and 250.000 malicious domain names.
| Item Type: | Thesis (Master's Thesis / Essay) |
|---|---|
| Degree programme: | Computing Science |
| Thesis type: | Master's Thesis / Essay |
| Language: | English |
| Date Deposited: | 15 Feb 2018 08:09 |
| Last Modified: | 15 Feb 2018 08:09 |
| URI: | https://fse.studenttheses.ub.rug.nl/id/eprint/13509 |
Actions (login required)
 |
View Item |