Malicious domain detection based on multiple-dimensional features  (Cited by: 23)


Authors: Zhang Yang[1], Liu Tingwen[1], Sha Hongzhou, Shi Jinqiao[1]

Affiliation: [1] Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093

Source: Journal of Computer Applications (《计算机应用》), 2016, No. 4, pp. 941-944, 984 (5 pages in total)

Funding: National Natural Science Foundation of China (61303260); Strategic Priority Research Program of the Chinese Academy of Sciences (XDA06030200)

Abstract: The Domain Name System (DNS) provides domain name resolution service, i.e., converting domain names to IP addresses. Malicious domain detection is mainly used to discover illegal activities that hide behind the DNS and to ensure the normal operation of domain name servers. Prior work on malicious domain name detection is summarized, and a new machine-learning-based malicious domain detection method that exploits multiple-dimensional features is proposed. For domain name lexical features, more fine-grained features are extracted, such as the conversion frequency between digits and letters and the maximum length of consecutive letters. For network attribute features, more attention is paid to the name servers, such as their number and degree of dispersion. Experimental results show that the accuracy, recall, and F1 value of the proposed method all reach 99.8%, indicating good detection performance on malicious domain names.

Keywords: malicious domain; Domain Name System (DNS); phishing; random forest

Classification number: TP309 [Automation and Computer Technology: Computer System Architecture]

 
