[1] 郭晓军. 面向DGA类型Bot的命令控制通信过程研究[J]. 网络安全技术与应用, 2017(8):48-49. (GUO X J. Research on command control communication process for DGA type bot[J]. Network Security Technology and Application, 2017(8):48-49.) [2] 彭成维,云晓春,张永铮,等.一种基于域名请求伴随关系的恶意域名检测方法[J]. 计算机研究与发展, 2019, 56(6):1263-1274. (PENG C W, YUN X C, ZHANG Y Z, et al. Detecting malicious domains using co-occurrence relation between DNS query[J]. Journal of Computer Research and Development, 2019, 56(6):1263-1274.) [3] MOUBAYED A, INJADAT M, SHAMI A, et al. DNS typo-squatting domain detection:a data analytics & machine learning based approach[C]//Proceedings of the 2018 IEEE Global Communications Conference. Piscataway:IEEE, 2018:1-7. [4] AHMAD I, PARVEZ A, IQBAL A. TypoWriter:a tool to prevent typosquatting[C]//Proceedings of the IEEE 43rd Annual Computer Software and Applications Conference. Piscataway:IEEE, 2019:423-432. [5] 马旸,强小辉,蔡冰,等. 大规模网络中基于集成学习的恶意域名检测[J]. 计算机工程, 2016, 42(11):170-176. (MA Y, QIANG X H, CAI B, et al. Malicious domain name detection based on integrated learning in large-scale network[J]. Computer Engineering, 2016, 42(11):170-176.) [6] The Free Dictionary. Cybersquatting[EB/OL].[2019-04-26]. http://www.thefreedictionary.com/cybersquatting. [7] EDELMAN B. Large-scale registration of domains with typographical errors[EB/OL].[2019-03-03]. https://cyber.harvard.edu/archived_content/people/edelman/typo-domains/. [8] DINABURG A. Bitsquatting:DNS hijacking without exploitation[EB/OL].[2019-03-18].https://media.blackhat.com/bh-us-11/Dinaburg/BH_US_11_Dinaburg_Bitsquatting_WP.pdf. [9] MOORE T, EDELMAN B. Measuring the perpetrators and funders of typosquatting[C]//Proceedings of the 14th International Conference on Financial Cryptography and Data Security, LNCS 6052. Berlin:Springer, 2010:175-191. [10] Alexa Internet Inc. Alexa top 1000000 sites[EB/OL].[2019-03-18]. http://s3.amazonaws.com/alexa-static/top-1m.csv.zip. [11] SZURDI J, KOCSO B, CSEH G, et al. The long "taile" of typosquatting domain names[C]//Proceedings of the 23rd USENIX Conference on Security Symposium. Berkeley:USENIX Association, 2014:191-206. [12] BANERJEE A, BARMAN D, FALOUTSOS M, et al. Cyber-fraud is one typo away[C]//Proceedings of the 27th Conference on Computer Communications. Piscataway:IEEE, 2008:1939-1947. [13] AGTEN P, JOOSEN W, PIESSENS F, et al. Seven months' worth of mistakes:a longitudinal study of typosquatting abuse[C]//Proceedings of the 22nd Network and Distributed System Security Symposium. Reston:Internet Society, 2015:156-168. [14] KINTIS P, MIRAMIRKHANI N, LEVER C, et al. Hiding in plain sight:a longitudinal study of combosquatting abuse[C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2017:569-586. [15] TAHIR R, RAZA A, AHMAD F, et al. It's all in the name:why some URLs are more vulnerable to typosquatting[C]//Proceedings of the 2018 IEEE Conference on Computer Communications. Piscataway:IEEE, 2018:2618-2626. [16] SPAULDING J, NYANG D, MOHAISEN A. Understanding the effectiveness of typosquatting techniques[C]//Proceedings of the 5h ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies. New York:ACM, 2017:Article No.9. [17] 张洋,柳厅文,沙泓州,等. 基于多元属性特征的恶意域名检测[J]. 计算机应用, 2016, 36(4):941-944, 984. (ZHANG Y, LIU T W, SHA H Z, et al. Malicious domain detection based on multiple-dimensional features[J]. Journal of Computer Applications, 2016, 36(4):941-944, 984.) [18] BANERJEE A, RAHMAN M S, FALOUTSOS M. SUT:quantifying and mitigating URL typosquatting[J]. Computer Networks, 2011, 55(13):3001-3014. [19] VISSERS T, JOOSEN W, NIKIFORAKIS N. Parking sensors:analyzing and detecting parked domains[C]//Proceedings of the 22nd Network and Distributed System Security Symposium. Reston:Internet Society, 2015:1-14. [20] HUSAIN M D, IQBAL A. An empirical study on typosquatting abuse in Bangladesh[C]//Proceedings of the 2017 International Conference on Networking, Systems and Security. Piscataway:IEEE, 2017:47-54. [21] PIREDDA P, ARIU D, BIGGIO B, et al. Deepsquatting:learning-based typosquatting detection at deeper domain levels[C]//Proceedings of the 16th Conference of the Italian Association for Artificial Intelligence, LNCS 10640. Cham:Springer, 2017:347-358. [22] LIU T, ZHANG Y, SHI J, et al. Towards quantifying visual similarity of domain names for combating typosquatting abuse[C]//Proceedings of the 2016 IEEE Military Communications Conference. Piscataway:IEEE, 2016:770-775. [23] BLACK P E. Compute visual similarity of top-level domains[EB/OL]. (2008-02-05)[2019-11-12]. https://hissa.nist.gov/~black/GTLD/. [24] NIKIFORAKIS N, BALDUZZI M, DESMET L, et al. Soundsquatting:uncovering the use of homophones in domain squatting[C]//Proceedings of the 17th International Conference on Information Security, LNCS 8783. Cham:Springer, 2014:291-308. [25] NIKIFORAKIS N, VAN ACKER S, MEERT W, et al. Bitsquatting:Exploiting bit-flips for fun, or profit?[C]//Proceedings of the 22nd International Conference on World Wide Web. New York:ACM, 2013:989-998. [26] 臧小东,龚俭,胡晓艳. 基于AGD的恶意域名检测[J]. 通信学报, 2018, 39(7):15-25. (ZANG X D, GONG J, HU X Y. Detecting malicious domain names based on AGD[J]. Journal on Communications, 2018, 39(7):15-25.) [27] 牛伟纳,张小松,孙恩博,等. 基于流相似性的两阶段P2P僵尸网络检测方法[J]. 电子科技大学学报, 2017, 46(6):902-906, 948. (NIU W N, ZHANG X S, SUN E B, et al. Two-stage P2P botnet detection method based on flow similarity[J]. Journal of University of Electronic Science and Technology of China, 2017, 46(6):902-906, 948.) [28] FU Y, YU L, HAMBOLU O, et al. Stealthy domain generation algorithms[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(6):1430-1443. [29] TONG V, NGUYEN G. A method for detecting DGA botnet based on semantic and cluster analysis[C]//Proceedings of the 7th Symposium on Information and Communication Technology. New York:ACM, 2016:272-277. [30] 赵宏,常兆斌,王乐. 基于词法特征的恶意域名快速检测算法[J]. 计算机应用, 2019, 39(1):227-231. (ZHAO H, CHANG Z B, WANG L. Fast malicious domain name detection algorithm based on lexical features[J]. Journal of Computer Applications, 2019, 39(1):227-231.) [31] SONG W, LI B. A method to detect machine generated domain names based on random forest algorithm[C]//Proceedings of the 2016 International Conference on Information System and Artificial Intelligence. Piscataway:IEEE, 2016:509-513. [32] NCC Group Plc. A finder of domain typos showing country of IP address[EB/OL].[2019-02-15].https://github.com/nccgroup/typofinder. [33] 左晓军,董立勉,曲武. 基于域名系统流量的Fast-Flux僵尸网络检测方法[J]. 计算机工程, 2017, 43(9):185-193. (ZUO X J, DONG L M, QU W. Fast-Flux botnet detection based on domain name system traffic[J]. Computer Engineering, 2017, 43(9):185-193.) |