Deep learning DGA malicious domain name detection based on multi-stage feature fusion
Authors: Mingtian Xie, Ruifeng He, Aixing He
Journal: Applied and Computational Engineering (Journal Article)
Publication date: 2024-05-15
DOI: https://doi.org/10.54254/2755-2721/64/20241334
In recent years, cybersecurity issues have emerged one after another, with botnets making extensive use of Domain Generation Algorithms (DGA) to evade detection. To address the insufficient detection accuracy of existing DGA malicious domain detection models, this paper proposes a deep learning detection model based on multi-stage feature fusion. The model extracts local feature information and positional information of domain name sequences through the fusion of a Multilayer Convolutional Neural Network (MCNN) and a Transformer, captures the long-distance contextual semantic features of domain name sequences through a Bi-directional Long Short-Term Memory Network (BiLSTM), and finally fuses these features for malicious domain classification. Experimental results show that the model maintains an average Accuracy of 93.26% and an average F1-Score of 93.32% across 33 DGA families, demonstrating better comprehensive detection performance than other deep learning detection algorithms.