摘要
笔者利用长短期记忆网络(LSTM)和卷积神经网络(CNN),以正常域名、不正常域名作为特征进行有监督的DNS数据异常检测方法的研究。该方法使用黑白样本集,通过有监督学习方法建立检测模型,实现对正常和不正常域名的二分类检测,主要实现对DNS隐蔽通道和DGA域名的检测。通过全监督的学习方法,能够识别已知黑样本特征集的异常域名。
In this paper,it uses Long Short-Term Memory networks(LSTM)and Convolutional Neural Networks(CNN)to conduct supervised DNS anomaly detection methods based on normal domain names and abnormal domain names.The method uses a black and white sample set to establish a detection model through supervised learning methods to achieve two-class detection of normal and abnormal domain names,mainly to detect DGA domain names or DNS covert channels.Through a fully supervised learning approach,anomalous domain names of known black sample feature sets can be identified.
作者
王堃宇
Wang Kunyu(Southeast University,Nanjing Jiangsu 211189,China)
出处
《信息与电脑》
2019年第18期56-58,共3页
Information & Computer