
Novel Botnet DGA Domain Detection Method Based on Character Level Sliding Window and Deep Residual Network


Liu Xiaoyang (刘小洋) 1, Liu Jiamiao (刘加苗) 1 *, Liu Chao (刘超) 1, Zhang Yihao (张宜浩) 2
Abstract This paper proposes SW-DRN (Sliding Window-Depth Residual Network), a deep residual network based on a character-level sliding window, and is the first to apply lightweight depthwise separable convolution to the detection of botnet DGA (Domain Generation Algorithm) domain names. By using depthwise separable convolution, SW-DRN has about 56% fewer parameters than with standard convolution, which improves the model's detection efficiency. Data were collected from two different sources, named Real-Dataset and Gen-Dataset. SW-DRN and the baseline models were evaluated on both datasets. The experimental results show that SW-DRN achieves F-Scores of 99.23% and 97.81% on the DGA domain name binary classification task. It also achieves good results on the multi-class task in the cases of DGA families with few samples and DGA domain names whose strings are easily confused, improving the overall F-Score by 1.23% and 1.01% over existing DGA domain name classification models and strengthening recognition between DGA domain name families. The proposed model was also tested on domain names produced by generative adversarial models, all of which it identified effectively.
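Source Acta Electronica Sinica (电子学报), 2022, 50(1): 250-256 [Core collection]
DOI 10.12263/DZXB.20200619
Keywords domain generation algorithm; character-level vector; residual network; depthwise separable convolution
Addresses

1. School of Computer Science and Engineering, Chongqing University of Technology, Chongqing, 400054

2. School of Artificial Intelligence, Chongqing University of Technology, Chongqing, 401135

Language Chinese
Document type Research article
ISSN 0372-2112
Subject Electronic technology, communication technology
Funding National Social Science Fund of China
Accession number CSCD:7169578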

