Malicious Domain Name Recognition Based on Deep Neural Networks

Yan, Xiaodan; Cui, Baojiang; Li, Jianbin

doi:10.1007/978-3-030-05345-1_43

Xiaodan Yan¹⁶,
Baojiang Cui¹⁶ &
Jianbin Li¹⁷

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11342))

Included in the following conference series:

International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage

1499 Accesses
4 Citations

Abstract

Malware steals private information by randomly generating a large number of malicious domain names every day using domain generation algorithms (DGAs), which pose a great threat to our daily Internet activity. To improve recognition accuracy for these malicious domain names, this paper proposes a malicious domain name detection algorithm based on deep neural networks to capture the characteristics of malicious domain names. The resulting model is called a Discriminator based on Hierarchical Bidirectional Recurrent Neural Networks (D-HBiRNN).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Hoque, N., Bhattacharyya, D.K., Kalita, J.K.: Botnet in DDoS attacks: trends and challenges. IEEE Commun. Surv. Tutor. 17(4), 2242–2270 (2015)
Article Google Scholar
Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: Proceedings 2014 Network and Distributed System Security Symposium. Internet Society, Reston, VA (2014). https://doi.org/10.14722/ndss.2014.23233
Thatte, G., Mitra, U., Heidemann, J.: Parametric methods for anomaly detection in aggregate traffic. IEEE/ACM Trans. Netw. 19(2), 512–525 (2011)
Article Google Scholar
Graves, A.: Supervised Sequence Labelling with Recurrent Neural Networks, vol. 385. Springer, Berlin (2012). https://doi.org/10.1007/978-3-642-24797-2
Book MATH Google Scholar
Duffield, N., Haffner, P., Krishnamurthy, B., et al.: Rule-based anomaly detection on IP flows. In: INFOCOM, pp. 424–432. IEEE (2009)
Google Scholar
Chen, T., Xu, S., Zhang, C.: Risk assessment method for network security based on intrusion detection system. Comput. Sci. 37(9), 94–96 (2010)
Google Scholar
Krizhevsky, A., Sutskever, I., Hinton, G.E.: ImageNet classification with deep convolutional neural networks. In: International Conference on Neural Information Processing Systems, pp. 1097–1105. Curran Associates Inc. (2012)
Google Scholar
He, K., Zhang, X., Ren, S., et al.: Deep residual learning for image recognition. In: Computer Vision and Pattern Recognition, pp. 770–778. IEEE (2016)
Google Scholar
Schuster, M., Paliwal, K.K.: Bidirectional recurrent neural networks. IEEE Trans. Signal Process 45(11), 2673–2681 (1997)
Article Google Scholar
Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)
Article Google Scholar
Netlab 360 Homepage. https://data.netlab.360.com/dga. Accessed 21 Sept 2018
Haddadi, F., Kayacik, H.G., Zincir-Heywood, A.N., Heywood, M.I.: Malicious automatically generated domain name detection using stateful-SBB. In: Esparcia-Alcázar, A.I. (ed.) EvoApplications 2013. LNCS, vol. 7835, pp. 529–539. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37192-9_53
Chapter Google Scholar
Xiong, C., Li, P., Zhang, P., Liu, Q., Tan, J.: MIRD: trigram-based Malicious URL detection Implanted with Random Domain name recognition. In: Niu, W., et al. (eds.) ATIS 2015. CCIS, vol. 557, pp. 303–314. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48683-2_27
Chapter Google Scholar
Jamdagni, A., Jamdagni, A., He, X., et al.: A system for denial-of-service attack detection based on multivariate correlation analysis. IEEE Trans. Parallel Distrib. Syst. 25(2), 447–456 (2014)
Article Google Scholar
Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2017)
Article Google Scholar
Thomas, K., Grier, C., Ma, J., et al.: Design and evaluation of a real-time URL spam filtering service. In: Security and Privacy, pp. 447–462. IEEE (2011)
Google Scholar

Download references

Author information

Authors and Affiliations

Beijing University of Posts and Telecommunications, Beijing, 100876, China
Xiaodan Yan & Baojiang Cui
North China Electric Power University, Beijing, 102206, China
Jianbin Li

Authors

Xiaodan Yan
View author publications
You can also search for this author in PubMed Google Scholar
Baojiang Cui
View author publications
You can also search for this author in PubMed Google Scholar
Jianbin Li
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jianbin Li .

Editor information

Editors and Affiliations

Guangzhou University, Guangzhou, China
Guojun Wang
Swinburne University of Technology, Melbourne, VIC, Australia
Jinjun Chen
St. Francis Xavier University, Antigonish, NS, Canada
Laurence T. Yang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Yan, X., Cui, B., Li, J. (2018). Malicious Domain Name Recognition Based on Deep Neural Networks. In: Wang, G., Chen, J., Yang, L. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2018. Lecture Notes in Computer Science(), vol 11342. Springer, Cham. https://doi.org/10.1007/978-3-030-05345-1_43

Download citation

DOI: https://doi.org/10.1007/978-3-030-05345-1_43
Published: 07 December 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05344-4
Online ISBN: 978-3-030-05345-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics