为提高检测隐蔽信道的灵敏度,提出一种基于随机森林(Random Forest,RF)和循环神经网络(Recurrent Neural Network,RNN)的域名系统(Domain Name System,DNS)隐蔽信道检测方法.该方法采用域名检测作为主要手段,使用RF模型对域名进行分类,通过深度学习方法挖掘更高阶的特征表示.实验结果表明,与单一模型相比,该方法在检测准确性和健壮性方面均取得了显著提升.
DNS Covert Channel Detection Method Based on Random Forest and Neural Network
To improve the sensitivity of detecting covert channels,a Domain Name System(DNS)covert channel detection method based on Random Forest(RF)and Recurrent Neural Network(RNN)is proposed.This method uses domain name detection as the main means,uses RF models to classify domain names,and uses deep learning methods to mine higher-order feature representations.The experimental results show that,compared with the single model,this method has significantly improved the detection accuracy and robustness.
Domain Name System(DNS)Random Forest(RF)Recurrent Neural Network(RNN)
NETL
NSTL
万方数据
