System and method for botnet detection and DDoS prevention

Project Leader: Assoc. Prof. Nguyen Linh Giang

Date: January 2016 – December 2017

Botnet is a group of malware infected machines or bots. Botnet has become the main mean for cyber-criminals to send spam email, steal personal data, and launch distributed denial of service (DDoS) attacks. Most bots today rely on Domain Generation Algorithm (DGA) to generate a list of candidate domain names in order to establish the connection with the Command and Control (C&C) server. This algorithm is known as domain fluxing, where domain list is changed over time to avoid the limitations that allow researchers to shut down botnets. Uncovering DGA is critical security community.

In this research project, we work on developing deep learning-based algorithm to detect algorithmically generated domains (AGDs). We also investigate the different types, attack and defense techniques to preventing DDoS attacks.