Multi-source information comprehensive malicious domain name detection based on convolutional neural network
Authors: 
Pei-Yuan Xie, Jin-Bo Wu, Fan Zhou, Biao XiaoAuthors Info & Claims
Pages 57 - 62
Abstract
As the communication carrier of malware, viruses and malicious servers, malicious domain names pose a threat to social public information security. Aiming at the problem that the characteristics of malicious domain names change all the time, which leads to a low accuracy of traditional malicious domain name detection models, this paper proposes a multi-source information comprehensive malicious domain name detection model based on convolutional neural network. Firstly, different types of features in Domain Name System are divided into five categories, and a convolutional neural network framework is designed for each category to reduce the mutual influence between different types of features. Secondly, perform feature extraction is carried out and corresponding weights are trained, and multiple classification results are fused by decision pool to capture information among various features. Finally, the experimental results show that our scheme has higher prediction accuracy than other machine learning algorithms.
References
[1]
China Internet Network Information Center. 49 times China Internet network development state statistic report [EB/OL]. http://www.cnnic.cn/gywm/xwzx/rdxw/20172017_7086/202202/t20220225_71724.htm, 2022-02-25.
[2]
Network Security Information and trends weekly report. The 13th Internet Security Threat Report [EB/OL]. [2018-04-01]. http: / /www. cert. org. cn /publish /main / 44/2018/20180404150414268888501/20180404150414268888501_201html.
[3]
Guangxi YU, Yan ZHANG, Huajun CUI, Xinghua YANG, Yang LI, Chang LIU. Design and Implementation of A DGA Domain Name Detection System by Machine Learning[J].Journal of Cyber Security,2020,5(3):35-47.
[4]
Bo Hong, Guanggang Geng, Liming Wang, Wei Wang, Wei Mao. System to discover phishing attacks actively based on DNS[J]. Computer Application Research, 2013,30(12):3771-3774.
[5]
Congxian Yin. Research and implementation of malicious domain name detection technology based on big Data analysis [D]. Beijing: Beijing University of Posts and Telecommunications,2018.
[6]
Zhao H, Chang Z B, Wang W J, Malicious domain names detection algorithm based on lexical analysis and feature quantification[J].IEEE Access, 2019, 7:128990- 128999.
[7]
Changling ZHOU, Kai CHEN, Xuxiao GONG, Ping CHEN, Hao MA. Detection of Fast-Flux Domains Based on Passive DNS Analysis[J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2016, 52(3): 396-402.
[8]
Marques C, Malta S, Magalhães JP. DNS dataset for malicious domains detection. Data Brief. 2021 Sep 4;38:107342. 34541265; PMCID: PMC8437788.
[9]
Weiwei Zhang. Malicious service detection and threat assessment based on DNS activities[D]. Southeast University, 2017.
[10]
Yuzhu Wang. Network traffic anomaly detection method based on combination learning [D]. Yanshan University, 2021. Emily. 2018.
[11]
Ya LIU, Mingjie LIN, Bo QU. Survey on Graph Representation Learning in Cybersecurity Domain. Journal of Chinese Computer Systems. 2023, 44(3): 616-628.
[12]
Xiao Ma; Manchun Cai; Tianliang Lu;. Detection Method of Malicious Domain by DNS Graph Mining Based on Improved BP Algorithm [J]. Journal of People's Public Security University of China (Natural Science Edition), 2021,04:68-73.
[13]
Xiaobao Wu. Research on a mining method on illegal domain names and organizations based on association relationships [D]. Harbin Institute of Technology, 2019.
[14]
Zhenwei Sheng, Guotian Xu. DGA malicious domain name detection method based on fusion of CNN and GRU [J]. Network Security Technology & Application, 2022(12):29-32.
[15]
Haidong Sun. Research on Malicious Domain NameDetection Method based on Deep Learningand Similarity [D]. Chongqing University of Technology, 2022.
[16]
Li V, Dunn M, Pearce P, Reading the tea leaves: a comparative analysis of threat intelligence[C]// USENIX Security Symposium. USENIX Association, 2019.
[17]
Guo M H, Xu T X, Liu J J, Attention mechanisms in computer vision: A survey[J]. Computational visual media, 2022, 8(3): 331-368.
[18]
Luo J H, Wu J. Neural network pruning with residual-connections and limited-data[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2020: 1458-1467.
[19]
Liting Liu. Research on malicious domain name detection based on domain name text features [D]. Guangdong University of Technology, 2022.
[20]
Yi Zhang, Futai Zou. Detection Method of Malicious Domain Name based on Knowledge Map [J]. Communication Technology, 2020,53(01):168-173.
[21]
Yifan Xi, Yang Wang, Yu Zhang. An approach for detecting malicious domain names generated by dictionary-based DGA [J]. Information Security Research, 2022, 8(02): 129-134.
Index Terms
- Multi-source information comprehensive malicious domain name detection based on convolutional neural network
Index terms have been assigned to the content through auto-classification.
Recommendations
Malicious Domain Name Detection Based on Extreme Machine Learning
Malicious domain detection is one of the most effective approaches applied in detecting Advanced Persistent Threat (APT), the most sophisticated and stealthy threat to modern network. Domain name analysis provides security experts with insights to ...
Neural networks based domain name generation
AbstractDomain generation algorithm (DGA) is used by botnets to build a stealthy command and control (C&C) communication channel between the C&C server and the bots. A DGA can periodically produce a large number of pseudo-random ...
Malware detection using DNS records and domain name features
ICFNDS '18: Proceedings of the 2nd International Conference on Future Networks and Distributed SystemsAs billions of people depend on Internet application to perform day to day tasks, the prevalent of malwares and online attacks cause a huge loss to global Internet economy prevalent. Domain name system is one of the core components of the Internet, ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
December 2023
371 pages
ISBN:9798400709203
DOI:10.1145/3639631
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 16 February 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ACAI 2023
ACAI 2023: 2023 6th International Conference on Algorithms, Computing and Artificial Intelligence
December 22 - 24, 2023
Sanya, China
Acceptance Rates
Overall Acceptance Rate 173 of 395 submissions, 44%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 208Total Downloads
- Downloads (Last 12 months)208
- Downloads (Last 6 weeks)30
Reflects downloads up to 14 Dec 2024
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in