Computer Science (计算机科学) ›› 2019, Vol. 46 ›› Issue (5): 111-115. doi: 10.11896/j.issn.1002-137X.2019.05.017
PEI Lan-zhen (裴兰珍)1,2, ZHAO Ying-jun (赵英俊)1, WANG Zhe (王哲)1, LUO Yun-qian (罗赟骞)2
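Abstract: To address the difficulty of detecting DGA domain names, a character-level DGA domain name detection model based on deep learning is constructed. The model consists of a character embedding layer, a feature detection layer and a classification prediction layer. The character embedding layer numerically encodes the input DGA domain name; the feature detection layer uses a deep learning model to extract features automatically; the classification prediction layer uses a fully connected network for classification and prediction. To select the best feature extraction model, the following were analysed and compared: LSTM and GRU models using the Bidirectional, Stack and Attention mechanisms; the CNN model; and models combining the CNN model with the LSTM model and with the GRU model respectively. The results show that, compared with the LSTM and GRU models, the LSTM and GRU models using the Stack mechanism, or the forward Attention mechanism combined with the Bidirectional mechanism, the CNN model, and the models combining the CNN model with LSTM and GRU can all improve detection performance, but the DGA domain name detection model built from the combination of CNN and Bi-GRU achieves the best detection performance.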