Malicious domains play an important role in many attack schemes. From distributing malware to hosting command and control (C&C) servers and trafﬁc distribution, malicious domains are essential to the success of nearly all popular attack vectors. In this paper, we propose a system for predicting the domains that are most likely to be used (or are about to be used) as malicious domains. Our approach leverages the knowledge of the life cycle of malicious domains, as well as the observation of resource re-use across different attacks. The proposed system is built on top of various data feeds from the real world and our evaluation demonstrates the effectiveness of the predicted malicious domains.
As a member we will keep you informed. Get exclusive invites to events, Unit 42 threat alerts, and the latest cybersecurity tips.