جستجوی مقالات مرتبط با کلیدواژه « c­&­c server » در نشریات گروه « فنی و مهندسی »

Domain generation algorithms (DGAs) are used in Botnets as rendezvous points to their command and control (C&C) servers, and can continuously provide a large number of domains which can evade detection by traditional methods such as Blacklist. Internet security vendors often use blacklists to detect Botnets and malwares, but the DGA can    continuously update the domain to evade blacklist detection. In this paper, first, using features engineering; the three types of structural, statistical and linguistic features are extracted for the detection of DGAs, and then a new dataset is produced by using a dataset with normal DGAs and two datasets with malicious DGAs. Using supervised machine learning algorithms, the classification of DGAs has been performed and the results have been compared to determine a DGA detection model with a higher accuracy and a lower error rate. The results obtained in this paper show that the random forest algorithm offers accuracy rate, detection rate and receiver operating characteristic (ROC) equal to 89.32%, 91.67% and 0.889, respectively. Also, compared to the results of the other investigated algorithms, the random forest algorithm presents a lower false positive rate (FPR) equal to 0.373.

The SIP protocol was standardized by the IETF at the application layer for initiating, managing, and terminating multimedia sessions and has been widely used as the main signaling protocol on both the Internet and VoIP networks. Most challenges in this protocol are overload and lack of proper state distribution. These challenges cause a wide range of next-generation network users to face a sharp decline in service quality. In this article, we define the state distribution problem between several nodes where the state maintenance is accompanied by considerable consumption of resources leading to overload. For the problem solution, the goal is to increase the overall throughput of calls and the availability of servers. First, we provide a framework based on software-defined networking technology, and then we formulate the problem as an optimization problem and implement and evaluate it as a module on the proposed controller. This leads to a more scalable SIP network that dynamically determines the number of SIP requests for which the server is modeled while delegating the state maintenance to its downstream server for the rest of the requests. This is in contrast to existing SIP servers because they are statically configured to be either stateless or stateful, resulting in non-optimal call throughput. Performance evaluation is performed at two levels of infrastructure and control and the results are presented.