Computer Science ›› 2019, Vol. 46 ›› Issue (5): 111-115. doi: 10.11896/j.issn.1002-137X.2019.05.017


Comparison of DGA Domain Detection Models Using Deep Learning

PEI Lan-zhen1,2, ZHAO Ying-jun1, WANG Zhe1, LUO Yun-qian2

  1. School of Air and Missile Defense, Air Force Engineering University, Xi’an 710051, China
  2. Army 95899 of PLA, Beijing 100085, China
  • Received: 2018-04-17 Revised: 2018-06-29 Published: 2019-05-15

Abstract: To address the difficulty of detecting DGA domain names, this paper proposes a new character-level DGA domain detection model based on deep learning. The model consists of a character embedding layer, a feature detection layer and a classification prediction layer. The character embedding layer encodes the DGA domain name numerically. The feature detection layer uses a deep learning model to extract features automatically, and the classification prediction layer uses a neural network for classification prediction. To select the optimal feature extraction model, LSTM and GRU models using the Bidirectional, Stack and Attention mechanisms, CNN models, and CNN models integrated with LSTM and GRU models respectively were compared. The results show that LSTM and GRU models using the Stack mechanism and the Attention mechanism integrated with the Bidirectional mechanism, CNN models, and CNN models integrated with LSTM and GRU models can improve the detection effect. The DGA domain detection model using a CNN model integrated with Bi-GRU obtains the optimum detection effect.

Key words: Convolutional neural network, Cyberspace security, Dynamic domain generation algorithms, Deep learning, Gated recurrent unit, Long short-term memory

CLC Number: TP393.08