A domain generation algorithm (DGA) is a computer program that creates slightly different variations of a given domain name.
If a website owner wants to use the domain name mysite.com, for example, and a search on a domain-name registrar's site reveals that the desired domain name is unavailable, a DGA running in the site's background might return suggestions for fifty similar site names that actually are available.
Botnet operators have discovered that DGAs can be used to hide the operator’s command and control (C&C) server and evade detection by blacklists, signature filters, reputation systems, intrusion prevention systems, security gateways and other security methods. The scheme, which is called domain fluxing, is similar to hiding a needle (the C&C server) in a haystack (a long list of IP addresses).