A Man-in-the-Middle Attack Detection Method for the DNS Protocol Based on CNN-BiGRU

To address the low detection accuracy, insufficient feature selection and lack of significant effective features in detecting man-in-the-middle attacks based on the DNS protocol, this paper proposes CNN-BiGRU, a detection method that uses a bidirectional gated recurrent unit built on a convolutional neural network, to detect man-in-the-middle attacks on the DNS protocol. The method first introduces resource records as a key feature, then extracts features with the convolutional neural network to obtain time-series information about man-in-the-middle attack traffic, and finally feeds the combined features into the bidirectional gated recurrent unit to detect man-in-the-middle attacks. On the self-built Jefe dataset the method achieves an accuracy of 99.67%, a precision of 99.68%, a recall of 99.42% and an F1-score of 99.47%, and can effectively detect DNS man-in-the-middle attacks.

Man-in-the-middle attack; Domain name system; Deep learning

Liang Tianxin (梁添鑫), Guo Xiaojun (郭晓军), Yang Mingfen (杨明芬)

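School of Information Engineering, Xizang Minzu University, Xianyang 712082

Tibet Cyberspace Governance Research Base, Xianyang 712082

Institute of Science and Technology Information of Tibet Autonomous Region, Lhasa 850008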

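Natural Science Foundation of Tibet Autonomous Region project; Xizang Minzu University "Zang-Qin Himalaya Talent Development Support Program: Outstanding Young Scholar" project; Xizang Minzu University "Tibet-Related Network Information Content and Data Security Team" project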

XZ2019ZRG-36Z324011810216324042000709

2024

Tibet Science and Technology (西藏科技)
Tibet Institute of Science and Technology Information

Impact factor: 0.202
ISSN:1004-3403
Year, volume (issue): 2024, 46(5)