Fig 1.
Flow diagram illustrating end-to-end privacy-preserving DGA detection as a service.
The DNS domain name classifier of the service provider (Bob) is trained with DP-SGD to provide differential privacy (DP) guarantees (output privacy). New domain names coming from Alice are classified with Bob’s model by secure multi-party computation (MPC). Protocols executed by MPC servers in the cloud over encrypted data (input privacy).
Fig 2.
Illustration of the use of a DGA.
The botmaster and malware on an infected client generate the same list of domain names. The botmaster registers a domain from the list. The malware attempts to resolve each domain from the list with the DNS until it finds the registered domain and a connection between the infected client and the C&C is successfully established.
Table 1.
Results on the DGA inference accuracy for different noise levels with and without quantization.
Table 2.
Inference using MP-SPDZ protocol.
Table 3.
Inference using MP-SPDZ protocol with quantization after DP training.