CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-002) by Brent Chapman
Author:Brent Chapman
Language: eng
Format: epub
Publisher: McGraw-Hill Education
Published: 2021-11-15T00:00:00+00:00
Domain Generation Algorithms
Domain generation algorithms (DGAs) are used to generate domains rapidly using seemingly random but predictable processes. Malware often depends on a fixed domain or IP addresses for command and control (C2) servers, and when domains are blocked, it is quite disruptive to the malwareâs operation. By cutting the link between the malware and the C2 servers, we can prevent infected machines from retrieving new commands, updates, and keys. Malware authors have discovered, however, that they may be able to prevent this countermeasure from being effective by writing their code in such a way that it can quickly switch to new domains rather than rely on a static target. This ensures that they can maintain connectivity even when domains are blocked, and that new domains are more difficult for us to guess for future blocking.
To ensure that the malware can anticipate what the new domains will be, it will need to have some degree of predictability, while remaining difficult to anticipate for the defender. After all, this is the only way this system can work in the case of lost connectivity. To achieve this, the DGA processes will use a seed, or an initial numerical or string input, and an interval for the switch to occur.
Figure 11-5 shows the Python code for a basic DGA. Line 12 of the code is the implementation of a linear congruential generator used to create pseudorandom numbers. This function, used alongside built-in functions, allows for the creation of domains as necessary. In this example, five randomized 20-character domains in the .com top-level domain (TLD) are created, as defined in line 19.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
CISA - Certified Information Systems Auditor Study Guide by Hemang Doshi(1246)
Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond by Brett Hargreaves and Sjoukje Zaal(1144)
Microsoft Python Certification Exam 98-281 & PCEP âPreparation Guide: Introduction To Programming Using Python, PCEP â Certified Entry Level Python Programmer by Raman Archith & Raman Dhyanashri & Raman R & Publications Raman(792)
CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-002) by Brent Chapman(594)
CompTIA Security+: SY0-601 Certification Guide Second Edition by Ian Neil(535)
CompTIA PenTest+ Certification For Dummies by Glen E. Clarke(518)
Exam Ref AZ-500 Microsoft Azure Security Technologies by Yuri Diogenes & Orin Thomas(481)
CCNP Data Center Application Centric Infrastructure 300-620 DCACI Official Cert Guide by Ammar Ahmadi(464)
AZ-303 : Microsoft Azure Architect Technologies : Volume : 01 by Specialist IP(463)
Casp+ Comptia Advanced Security Practitioner Certification All-in-one Exam Guide, Exam Cas-003 (9781260441345) by Lane Nicholas; Conklin Arthur; White Gregory B.; Williams Dwayne(432)
CompTIA PenTest+ Certification All-in-One Exam Guide (Exam PT0-001) by Raymond Nutting(420)
Official Google Cloud Certified Associate Cloud Engineer Study Guide by Dan Sullivan(401)
CompTIA Security+ Practice Tests by David Seidl(387)
AWS Certified Solutions Architect Study Guide Associate (SAA-C01) Exam Second Edition by Ben Piper & David Clinton(363)
AWS Certified SysOps Administrator Practice Tests 2021: AWS Exam-Difficulty Practice Questions with Answers & detailed Explanations by Davis Neal(350)
Exam Ref MS-500 Microsoft 365 Security Administration by Ed Fisher & Nate Chamberlain(333)
AWS Certified SysOps Administrator Study Guide by Sara Perrott & Brett McLaughlin(331)
OCP Oracle Certified Professional Java SE 11 Developer Complete Study Guide by Jeanne Boyarsky & Scott Selikoff(319)
Redis Certified Developer: Exam Practice Tests by Scutaru Cristian(316)
