Performance Analysis of DGA-Driven Botnets using Artificial Neural networks

A botnet is a network of devices infected with malware and controlled remotely by a person with malicious intent. Botnets can launch attacks to steal data, perform phishing, spamming and set up DDoS. Some botnets use an algorithm known as DGA- a Domain Generation Algorithm is to evade detection with some well-known blacklist detection methods. Periodically generating a list of candidate control and command server domains. The bot connects with this server with the help of querying DNS servers for the available list of domains one after another till it connects to an existing and relevant server. Creating a DGA based botnets extremely difficult to detect with their high survivability. This paper aims to analyze the Domain Generation Algorithm and implement methodologies to detect DGA-based botnets using Deep Learning and Machine Learning approaches and then compare and contrast these novel techniques with traditional Machine Learning Classifiers.