FANCI: Feature-based Automated NXDomain Classification Intelligence

FANCI is a prototype implementation of a machine learning based classification engine for non-existent domains to detect domain gernation algorithm malware traffic.

Installation and Usage Hints

FANCI was tested and used on Ubuntu 16.04 and MacOS using Anaconda Python Environments. To get started its a good idea to use a Python Interpreter such as IPython and play around a little bit.

Research Paper

FANCI is the result of research. You can find the corresponding research paper here: FANCI - Usenix 2018


This is a work under development and there may some things be missing at the moment and some things may be unclean or not fully functional. Furthermore there are some things that are specific for the developers enviroment such as hard coded paths.