期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

大规模网络中基于集成学习的恶意域名检测 被引量:4

Malicious Domain Name Detection in Large-scale Network Based on Ensemble Learning
下载PDF
导出
摘要 现有的恶意域名检测方案在处理大规模数据和多种类型的恶意域名时存在不足。为此,根据时间性、相关域名集合和对应IP三方面特征提出新的检测方案。使用并行化随机森林算法建立组合的域名检测分类器,以提高检测精确度及容错能力。实验结果表明,组合分类器的精确度和准确率均高于决策树分类器,新方案能够更有效地检测大规模网络中的恶意域名。 Existing domain name detection schemes face difficulties in dealing with large-scale data and various malicious domains.Aiming at this problem,this paper designs a malicious domain detection scheme based on the features of the timeliness,relevant domain set and the corresponding IP.It uses parallelized random forests algorithm to build the classifier and process large-scale data,which improves classification precision and fault tolerance.Experimental result shows that,compared with decision tree classifier,the combined classifier has better performance in precision and accuracy,which can solve the problem of malicious domain detection in large-scale network environment more efficiently.
作者 马旸 强小辉 蔡冰 王林汝
机构地区 国家计算机网络应急技术处理协调中心江苏分中心
出处 《计算机工程》 CAS CSCD 北大核心 2016年第11期170-176,共7页 Computer Engineering
关键词 恶意域名检测 集成学习 随机森林算法 组合分类器 大数据 并行化 malicious domain name detection ensemble learning random forests algorithm combined classifier big data parallelization
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献5

二级参考文献67

  • 1高寅生.安全漏洞库设计与实现[J].微电子学与计算机,2007,24(3):99-101. 被引量:9
  • 2Ollmann G. Botnet communication topologies [R]. Damballa White Paper, 2009:6-7.
  • 3Porras P, Saidi H, Yegneswaran V. A foray into conficker' s logic and rendezvous points [R]. Sri International, 2009: 10-11.
  • 4Holz T, Gorecki C, Rieck C, et al. Measuring and detecting fast-flux service networks [C]. San Diego, California: Proc NDSS, 2008.
  • 5Passerini E, Paleari R, Martignoni L, et al. FluXOR: Detecting and monitoring fast-flux service networks [C]. Paris, France: Proceedings of the 5th Conference on Detection of Intrusions and Malware ~ Vulnerability Assessment, 2008: 186-206.
  • 6Caglayan A, Toothaker M, Drapeau D, et al. Realtime detection of fast flux service networks [C]. Washington DC, USA: Cybersecurity Applications &Technology Conference For Homeland Security, IEEE Computer Society, 2009: 285-292.
  • 7Gross B, Cova M, Cavallaro L, et al. Your botnet is my hotnet: Analysis of a botnet takeover[R]. Proceedings of the ACM CCS, 2009.
  • 8Yadav S, Reddy A, Reddy A, et al. Detecting algorithmically generated malicious domain names [C]. Melbourne, Australia: Proceedings of the 10th Annual Conference on Intemet Measurement, ACM, 2010: 48-61.
  • 9McAfee. McAfee SiteAdvisor[DB/OL]. http://www, siteadvisor, com/, 2011.
  • 10Google. Google safe browsing [DB/OL]. http://www.google, com/tools/firefox/safebrowsing/, 2011.

共引文献22

同被引文献24

引证文献4

二级引证文献8

计算机工程
2016年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部