Computer Applications and Software, 2024, Vol. 41, Issue (10): 319-324. DOI: 10.3969/j.issn.1000-386x.2024.10.047

Multi-Family Malicious Domain Name Detection Algorithm Based on BiLSTM-DAE

Zhang Mi¹, Peng Jianshan²

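Author information

  • 1. Henan Technical College of Construction, Zhengzhou 450064, Henan, China
  • 2. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, Henan, China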

Abstract

To address the low detection accuracy and weak real-time performance of existing malicious domain name detection algorithms on family-based malicious domain names, a malicious domain name detection algorithm based on BiLSTM-DAE is proposed. A bi-directional long short-term memory (BiLSTM) network extracts the contextual sequence features of domain name character combinations, and a deep auto-encoder (DAE) then applies layer-by-layer compressed sensing to extract strong character word-formation features that are common within a class and discriminative between classes, and performs classification. Experimental results show that, compared with current mainstream malicious domain name detection algorithms, the algorithm achieves higher detection accuracy while keeping detection overhead low.

Key words

Malicious domain name detection / Deep auto-encoder / Bi-directional long short-term memory / Word-formation features


Funding

2018 Henan Province Science and Technology Research Project (182102310765)

Publication year

2024
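Computer Applications and Software
Shanghai Institute of Computing Technology; Shanghai Development Center of Computer Software Technology

CSTPCD; Peking University Core Journal
Impact factor: 0.615
ISSN: 1000-386X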