Event Details

Assessing the Effectiveness of Malicious Domain Prediction Using Machine Learning

Presenter: Jupiter Bu
Supervisor:

Date: Mon, April 24, 2023
Time: 09:30:00 - 10:30:00
Place: via Zoom - please see link below


Zoom Meeting Link: 

https://uvic.zoom.us/j/85279951737?pwd=M2lCeEIwbFlMMmp2eGpSaDNKNHNTZz09 

Meeting ID: 852 7995 1737
Password: 553184 

One tap mobile 

+17789072071,,85279951737# Canada 

+16475580588,,85279951737# Canada  

Dial by your location 

        +1 778 907 2071 Canada 

        +1 647 558 0588 Canada 


Find your local number: https://uvic.zoom.us/u/kc0TiR60vO   

Note: Please log in to Zoom via SSO and your UVic Netlink ID.   

ABSTRACT:   

Malicious domains are a serious threat to network security: they deceive users into accessing them, leading to information disclosure, identity theft, and economic losses. Despite efforts to tackle this problem, cybercriminals continue to buy and use brand-new domains to evade detection, bypassing network defenses and endangering users' security. Predicting future malicious domains in advance can greatly reduce their harm. The Domain Prediction System (DPS), developed by one of the industry partners of the Information Security and Object Technology (ISOT) Lab, aims to predict potentially malicious domains in advance, but the effectiveness of the system needs to be tested because it is uncertain whether the predicted domains will be used for malicious purposes. This report introduces the background of the problem and describes the dataset used in the experiments. It then evaluates the effectiveness of the DPS by comparing two sets of models: baseline and predictive. The baseline models were obtained by training and testing different machine learning (ML) classifiers using existing (known) benign and malicious domains. The predictive models were obtained by training the ML classifiers using domains generated by the DPS that may be used for malicious purposes, and testing them using the same benign domains as before. The evaluation of the predictive models on the same test set as the baseline models yielded comparable performance measures, providing a strong indication of the utility and credibility of the predicted domains.