A web browser plug-in that can detect malicious domains and classify each into its respective DGA malware family using deep learning techniques.
The web browser is one of the most heavily used programs on a computer or mobile device today. Attackers typically target the web browser either to hijack or snoop on its web traffic, or to exploit it to access the device itself and the files saved on it. Cyber-criminals carry out these malicious activities using illegitimate websites that are generated using a domain generation algorithm (DGA). Current DGA detection relies on techniques such as blacklisting and rule-based approaches. Recent botnets evade these techniques by making use of DGAs. The aim of this project is to detect malicious domains, thereby classifying domains for safer browsing. Deep learning techniques are applied to DGA detection and categorization. Most of the methods use Keras embedding as their DGA representation method. This makes it possible to learn the syntactic and semantic similarity among the characters in a domain name. The Keras embedding matrix is passed into several deep learning layers such as a convolutional neural network (CNN), recurrent neural network (RNN), long short-term memory (LSTM) and CNN-LSTM.
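The character-level representation described above can be sketched in plain Python; this is an added example, not the project's own code. The alphabet, `MAX_LEN`, `EMBED_DIM`, the function names and the random lookup table (a stand-in for trained embedding weights) are all assumptions.

```python
import random
import string

# Assumed vocabulary (not from the project): hostname characters; id 0 = padding.
ALPHABET = string.ascii_lowercase + string.digits + "-._"
CHAR_TO_ID = {ch: i + 1 for i, ch in enumerate(ALPHABET)}
UNK_ID = len(ALPHABET) + 1       # any character outside ALPHABET
VOCAB_SIZE = len(ALPHABET) + 2   # padding + alphabet + unknown
MAX_LEN = 63                     # assumed fixed input length
EMBED_DIM = 8                    # assumed embedding width


def encode_domain(domain, max_len=MAX_LEN):
    """Map a domain name to a fixed-length list of character ids.

    Pads on the left with 0 and, for over-long names, keeps the rightmost
    characters (the same 'pre' behaviour Keras pad_sequences uses by default).
    """
    name = domain.strip().lower().rstrip(".")
    ids = [CHAR_TO_ID.get(ch, UNK_ID) for ch in name][-max_len:]
    return [0] * (max_len - len(ids)) + ids


def make_embedding(vocab_size=VOCAB_SIZE, dim=EMBED_DIM, seed=0):
    """Randomly initialised lookup table standing in for untrained embedding weights."""
    rng = random.Random(seed)
    table = [[rng.uniform(-0.05, 0.05) for _ in range(dim)] for _ in range(vocab_size)]
    table[0] = [0.0] * dim  # padding row contributes nothing
    return table


def embed(ids, table):
    """Replace each character id with its vector: a (max_len x dim) matrix."""
    return [table[i] for i in ids]


def featurize(domains, table):
    """Batch of domains -> list of embedding matrices for a CNN/RNN/LSTM layer."""
    return [embed(encode_domain(d), table) for d in domains]


if __name__ == "__main__":
    # Constructed sample names, not real indicators.
    sample = ["Example.COM.", "xkqjzvbnwpt.example"]
    batch = featurize(sample, make_embedding())
    print(len(batch), len(batch[0]), len(batch[0][0]))
```

Mapping out-of-alphabet characters to a single unknown id keeps the encoder from failing on internationalised or malformed names seen in live browser traffic.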