Threat research shows that a large percentage of organizations experience DNS attacks. Adversaries often use Domain Generation Algorithms (DGAs) to generate domain names dynamically, creating command-and-control (C2) infrastructure that is not prone to disruption through static analysis.
The DGA Deep Learning pre-trained model, recently developed by the Splunk Machine Learning for Security team, processes complex domain patterns along with custom features capturing characteristics of a domain. The detection, used with a simple “apply” command, identifies DGA domains with 99.37% accuracy.
Highlights: