Detection of malicious domain name based on a classifier combination

Bibliographic Details
Main Authors: Jiantao SHENG, Maofei CHEN, Dongxin LIU, Laifu WANG, Guoshui SHI, Huamin JIN
Format: Article
Language: zho
Published: Beijing Xintong Media Co., Ltd 2020-05-01
Series: Dianxin kexue
Online Access: http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2020150/
Description
Summary: As a fundamental service on the internet, the domain name system (DNS) can inevitably be abused by malicious activities. Based on studies of botnets and other malware that make use of the domain generation algorithm (DGA), and on research into the current major techniques of malicious domain detection, a malicious domain detection framework based on a classifier combination was proposed. The framework applies the support vector machine (SVM) as its main classifier and combines the naive Bayes classifier (NBC) in a supporting role with some statistical characteristics. Experimental results demonstrate that the framework outperforms current techniques in offline training time and in the capability of detecting unknown malicious domain families, which satisfies the requirement of internet service providers (ISPs) to detect and analyze malicious domains on the internet.
ISSN: 1000-0801