Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 41423 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Kharrazi, Mehdi
- Abstract:
- One of the most famous attacks through the internet is the phishing attack. There have been several tools which have been applied in order to discover and confront against this type of attack. Since attackers can change their approaches by spending little cost, they apply methods in order to elude these tools. One of the tricks which has been popular between attackers recently is utilization of Fast-Flux Service Networks. By using these destructive networks, recognition of the main server becomes more complicated. Therefore, the server obtains more accessibility in comparison to the past situation and the life time becomes longer.In this thesis, by collecting data of Sharif server and analyzing different responses of the server to queries passively, we try to detect black domains which have been questioned from Sharif server and have shown fast fluxes in their behaviors. The proposed method is independent of available black and white lists and WHOIS databases and has fewer restrictions than previous methods. Four different models were introduced, surveyed and analyzed for suspicious behaviors based on fast fluxes on domains, IPs and name servers. The results showed that false positive parameter of the proposed method is just 0.1% which is very satisfac
- Keywords:
- Phishing Attack ; Domain Name System (DNS) ; Fast-Flux Service Network
Digital Object List
-
محتواي کتاب
- view
Bookmark