基于字符和词特征融合的恶意域名检测  

Malicious domain name detection based on feature fusion of character and word

在线阅读下载全文

作  者:赵宏[1] 申宋彦 韩力毅 吴喜川 ZHAO Hong;SHEN Song-yan;HAN Li-yi;WU Xi-chuan(School of Computer and Communication,Lanzhou University of Technology,Lanzhou 730050,China)

机构地区:[1]兰州理工大学计算机与通信学院,甘肃兰州730050

出  处:《计算机工程与设计》2024年第5期1549-1556,共8页Computer Engineering and Design

基  金:国家自然科学基金项目(62166025);甘肃省重点研发计划基金项目(21YF5GA073)。

摘  要:针对现有恶意域名检测方法对域名生成算法(domain generation algorithm, DGA)随机产生的恶意域名检测性能不高,且对由随机单词组成的恶意域名检测效果较差的问题,提出一种基于字符和词特征融合的恶意域名检测算法(cha-racter and word network, CWNet)。利用并行卷积神经网络分别提取域名中字符和词的特征;将两种特征进行拼接,构造成融合特征;利用Softmax函数实现合法域名与恶意域名的检测。实验结果表明,该算法可以提升对恶意域名的检测能力,对更具挑战性的恶意域名家族的检测准确率提升效果更为明显。Aiming at the problems that the existing malicious domain name detection methods do not have high performance in detecting the malicious domain names randomly generated using the DGA(domain generation algorithm)and the detection effect of the malicious domain names composed of random words is poor,a malicious domain name detection algorithm CWNet(character and word network)based on the fusion of character and word features was proposed.Parallel convolutional neural network was used to extract the features of characters and words of domain name respectively.The fusion features were constructed by splicing the features of characters and words.The detection result that whether a domain name belonged to legitimate or malicious domain name was obtained through the Softmax function.Experimental results show that the algorithm can improve the detection ability of malicious domain names,and the detection accuracy of more challenging malicious domain name families is improved more significantly.

关 键 词:恶意域名检测 域名生成算法 深度学习 卷积神经网络 特征融合 向量表示 损失函数 

分 类 号:TP391[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象