Domain Name Detection and Classification Using Deep Neural Networks

  • B. Bharathi
  • J. Bhuvana
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 969)

Abstract

Malware families use Domain Generated Algorithms (DGA) to generate and register different domains to connect to the command and control server. To improve the automated analysis of DGA-based malware, we have developed an analysis system for the detection and classification of DGAs. In this paper we propose to take the string of characters in a domain name as input and classify it as either a benign or a malicious domain name using deep learning architectures such as Long Short Term Memory (LSTM) and Bidirectional LSTM. We used the data set provided by the shared task on Detecting Malicious Domain names (DMD 2018). We developed a system for both the binary and the multiclass classification tasks to detect malicious domain names. We observed that the proposed model performed better for binary classification than for multiclass classification.

Keywords

Domain Generated Algorithm; Deep learning architecture; LSTM; Bidirectional LSTM

Notes

Acknowledgment

We would like to thank the management of SSN College of Engineering for funding the GPU system, which helps us to carry out deep learning related research work.

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. Department of CSE, SSN College of Engineering, Chennai, India
