
A DGA Domain Name Detection Method of Multilevel Feature Probability

Existing domain generation algorithm (DGA) detection methods are insufficient in extracting and utilizing domain name features, and detection methods based on word embeddings tend to lose important information. To solve these problems, a DGA domain name detection method based on multilevel feature probability is proposed. First, word embedding is used to generate the vector representation of the domain name, and the character features of the domain name are extracted through statistical analysis to generate its character feature representation. Then, a multi-head pyramid network and a Transformer are used to process the domain name vector to capture the context information and semantic information of the domain name, and the different domain name information is fused to generate the text feature representation of the domain name. Finally, the classification probabilities of the different domain name features are calculated: a feedforward neural network processes the character features, a capsule network processes the text features, and domain name detection is realized by integrating the probabilities of the different domain name features. Experimental results show that the proposed method outperforms the other comparison methods, with accuracy improved by 0.5% to 1.3%, precision improved by 0.8% to 7.2%, and F1 value improved by 1.2% to 5.2%.

Keywords: domain generation algorithm; domain name detection; multi-head pyramid network; domain character features; text feature

Yang Hongyu (杨宏宇), Zhang Tao (章涛), Zhang Liang (张良), Hu Ze (胡泽), Xie Lixia (谢丽霞)


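School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300

School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300

School of Information, University of Arizona, Tucson, AZ 85721, USA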


2024

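Journal of Beijing University of Posts and Telecommunications
Beijing University of Posts and Telecommunications

CSTPCD; Peking University Core Journals (北大核心)
Impact factor: 0.592
ISSN: 1007-5321
Year, volume (issue): 2024, 47(5)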