Abstract

On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Resource entries in the DNS link domain names to various sorts of data. Commonly, it is used to transform domain names to IP addresses so that computers may locate services and devices utilizing the underlying network protocols. Due to a lack of security safeguards, cybercriminals use the Domain Name System (DNS) to launch attacks. So how to quickly locate and block possibilities? Finding rogue websites and their IP addresses has become a prominent research topic. Preventing unknown cyber-attacks is critical. This article advocated analysing enormous amounts of mobile web traffic to find dangerous domains. To classify, we used text and domain traffic statistics. Then we gave three typical classifiers to compare their impacts. The Spark framework is used to calculate huge amounts of DNS traffic. Our system's efficiency persuades us. It can be very useful in network security. The new features are tough to use and assist in identifying rogue domains. We tested MalPortrait using real-world big ISP networks' passive DNS traffic.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.