A domain generation algorithm (DGA) is a computer program that creates slightly different variations of a given domain name.
If a website owner wants to use the domain name mysite.com for example, and a search on a domain-name registrar’s site revealed that the desired domain name was not unavailable, a DGA running in the site’s background might return suggestions for fifty similar site names that actually were available.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Botnet operators have discovered that DGAs can be used to hide the operator’s command and control (C&C) server and evade detection by blacklists, signature filters, reputation systems, intrusion prevention systems, security gateways and other security methods. The scheme, which is called domain fluxing, is similar to hiding a needle (the C&C server) in a haystack (a long list of IP addresses).