cyberdefence

Classifying domains through string entropy

Chapter 2: Classifying domains through string entropy

Introduction  This is the second blog in the ‘Classifying Malicious Domains’ series, which aims to give insight into how to we at Tiberium use our knowledge of attacker’s techniques, tactics, and procedures to detect attacks before they occur.  Today we’re going to talk about ‘dodgy’ looking domains – that is a domain that looks more like a plate of alphabet soup than a bona fide website.   An early tl;dr  … Read more