Domain Generation Algorithms (DGAs) are now commonplace among malware. DGA malware automatically generates large numbers of domain names in Domain Name System (DNS) domain fluxing, in order to bypass domain blacklisting.
For example, DGAs are often used by botnet controllers (e.g., masters of bots) for Command-and-Control (C&C) communications of botnets to dynamically produce a large number of random domain names and select a relatively small subset of those domain names for actual command and control use. In order to mitigate the risk presented by these large numbers of potentially malicious domains, it is useful to be able to automatically detect DGA generated Uniform Resource Locators (URLs).