摘要
针对单词DGA域名字符随机性低,字符结构和分布与良性域名相似,现有方法对其检测效果不佳的问题,提出一种单词DGA域名检测方法。首先,对域名进行BiGRAM字符编码,使模型的输入涵盖更多的域名特征;其次,构建ON-LSTM-SA特征提取模块,充分提取域名的层级语义特征并为其分配权重;最后,通过softmax函数输出分类结果。实验结果表明,相较于四种对比模型,该方法在检测性能和多分类性能方面均表现最佳,具有更高的鲁棒性和泛化能力。
Aiming at the problem that the character randomness of word DGA domain names is low,the character structure and distribution are similar to benign domain names,and the detection effect of existing methods is inefficient,this paper proposed a detection method for word DGA domain name.Firstly,this method encoded domain names based on BiGRAM characters,so that the input of the model covered more domain name features.Secondly,it constructed the ON-LSTM-SA feature extraction module to fully extract the hierarchical semantic features of the domain name and assigned weights to it.Finally,it outputted the classification result through the softmax function.The experimental results show that,compared with the four contrasting models,this method performs the best in both detection performance and multi-classification performance,and has higher robustness and generalization ability.
作者
刘立婷
欧毓毅
凌捷
Liu Liting;Ou Yuyi;Ling Jie(School of Computers,Guangdong University of Technology,Guangzhou 510006,China)
出处
《计算机应用研究》
CSCD
北大核心
2022年第12期3781-3785,共5页
Application Research of Computers
基金
广州市科技计划项目(201902020007,202007010004)。
关键词
单词DGA域名检测
特征提取
深度学习
有序长短记忆神经网络
自注意力机制
word DGA domain name detection
feature extraction
deep learning
ordered neurons long short-term memory neural network
self-attention mechanism
