Definition

domain generation algorithm (DGA)

Contributor(s): Sharon Shea

A domain generation algorithm (DGA) is a computer program that creates slightly different variations of a given domain name.

If a website owner wants to use the domain name mysite.com for example, and a search on a domain-name registrar’s site revealed that the desired domain name was not unavailable, a DGA running in the site’s background might return suggestions for fifty similar site names that actually were available.

Botnet operators have discovered that DGAs can be used to hide the operator’s command and control (C&C) server and evade detection by blacklists, signature filters, reputation systems, intrusion prevention systems, security gateways and other security methods.  The scheme, which is called domain fluxing, is similar to hiding a needle (the C&C server) in a haystack (a long list of IP addresses).  

This was last updated in July 2014

Continue Reading About domain generation algorithm (DGA)

Dig Deeper on Malware, Viruses, Trojans and Spyware

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close