摘要
为了提高对基于单词的域名生成算法(domain generation algorithm,DGA)生成的恶意域名的检测准确率,提出了一种结合改进的并行卷积神经网络(APCNN)和融合简化注意力机制的双向门控循环单元(BiGRU-Att)的网络模型,该模型能充分学习单词特征、单词之间的组合关系和关键字符信息。实验结果表明,相比Bilbo和CL模型,APCNN-BiGRU-Att模型的分类准确率和F_(1)值更高,表明该模型具有更好的检测效果、多分类效果和稳定性。
In order to improve the detection accuracy of malicious domain names generated by the word-based domain generation algorithm(DGA),this paper proposed a network model combining an improved parallel convolutional neural network(APCNN)and a bi-directional gated recurrent unit(BiGRU-Att)incorporating a simplified attention mechanism.The model could fully learn word features,combinatorial relationships between words and key character information.The experimental results show that the APCN-BiGRU-Att model has higher classification accuracy and F_(1) values compared with the Bilbo and CL models,indicating that the model has better detection,multi-classification effect and stability.
作者
黄蔚秋
欧毓毅
凌捷
Huang Weiqiu;Ou Yuyi;Ling Jie(School of Computers,Guangdong University of Technology,Guangzhou 510006,China)
出处
《计算机应用研究》
CSCD
北大核心
2022年第5期1541-1545,共5页
Application Research of Computers
基金
广州市科技计划资助项目(201902020007,202007010004)。
关键词
基于单词的域名生成算法
域名检测
改进的并行卷积神经网络
注意力机制
word-based domain generation algorithm
domain name detection
improved parallel convolutional neural network
attention mechanism
作者简介
黄蔚秋(1997-),男,广东揭阳人,硕士,主要研究方向为信息安全;通信作者:欧毓毅(1974-),女,广西合浦人,副教授,硕导,主要研究方向为信息安全与网络信息系统集成(13822901568@163.com);凌捷(1964-),男,教授,博士,主要研究方向为网络信息安全.
