Recovery of files after detection of APT malware using FRR algorithm

Authors

  • Vidya Gholap Department of Comp engineering, D. Y. Patil College of engineering
  • Kamini Borkar Department of Comp engineering, D. Y. Patil College of engineering
  • Sonali Rajput Department of Comp engineering, D. Y. Patil College of engineering
  • Pallavi Patil Department of Comp engineering, D. Y. Patil College of engineering
  • Ms. Deepali Chaudhari Department of Comp engineering, D. Y. Patil College of engineering

Keywords:

APT, Command and Control, Traffic Analysis, Security. Malware Infections; DNS.

Abstract

APT (Advanced Persistent Threat) is a genuine risk to the Internet. With the help of APT malware, attackers
can remotely control infected machine and steal the personal information. DNS is well known for malware to find
command and control (C&C) servers. The proposed novel system placed at the network departure guide that points
toward effectively and efficiently detect APT malware infections based on malicious DNS and traffic analysis. To detect
suspicious APT malware C&C domains the system utilizes malicious DNS analysis method, and afterward analyse the
traffic of the comparing suspicious IP utilizing anomaly-based and signature based detection innovation. There are
separated 14 features in view of big data to describe properties of malware-related DNS. This manufactured a reputation
engine to compute a score for an IP address by utilizing these elements vector together

Published

2017-03-25

How to Cite

Vidya Gholap, Kamini Borkar, Sonali Rajput, Pallavi Patil, & Ms. Deepali Chaudhari. (2017). Recovery of files after detection of APT malware using FRR algorithm. International Journal of Advance Engineering and Research Development (IJAERD), 4(3), 656–660. Retrieved from https://ijaerd.com/index.php/IJAERD/article/view/2144