Research Article
Identifying APT Malware Domain Based on Mobile DNS Logging
Table 1
Features of domain name.
| FeatureSet | FeatureName |
| DNS request and answer-based features | Number of distinct source IP addresses | Number of distinct IP addresses with the same domain | IP in the same country | using the predefined IP addresses |
| Domain-based features | Alexa ranking | The length of domain | The level of domain | containing IP address |
| Time-based features | Request frequency | Reaction time | repeating pattern |
| whois-based features | Registration duration | Active duration | Update duration | Number of DNS |
|
|