1 vulnerability by Palo Alto Networks ML-based DGA detection module
AVID-2023-V002
Vulnerability from avid – Published: 2023-03-31 – Updated: 2023-03-31 ATLAS Case Study
Summary
The Palo Alto Networks Security AI research team was able to bypass a Convolutional Neural Network based botnet Domain Generation Algorithm (DGA) detector using a generic domain name mutation technique.
It is a generic domain mutation technique which can evade most ML-based DGA detection modules.
The generic mutation technique evades most ML-based DGA detection modules and can be used to test the effectiveness and robustness of all DGA detection methods developed by security companies in the industry before they are deployed to the production environment.
Risk domain
Security
SEP view
S0403: Adversarial Example
Lifecycle
L06: Deployment
Organisations
Affected artifacts
1 artifact
| Artifact | Type |
|---|---|
| Palo Alto Networks ML-based DGA detection module | System |
References
3 references
| URL | Label |
|---|---|
| https://atlas.mitre.org/studies/AML.CS0001 | Botnet Domain Generation Algorithm (DGA) Detection Evasion |
| http://faculty.washington.edu/mdecock/papers/byu2… | Yu, Bin, Jie Pan, Jiaming Hu, Anderson Nascimento, and Martine De Cock. "Character level based detection of DGA domain names." In 2018 International Joint Conference on Neural Networks (IJCNN), pp. 1-8. IEEE, 2018. |
| https://github.com/matthoffman/degas | Degas source code |