摘要
为了检测恶意程序中的虚假域名,便于识别僵尸网络和恶意程序,提出一种基于深度学习的虚假域名检测模型;该模型以域名字符串的字符序列为输入,利用一维卷积神经网络和自注意力机制,分别挖掘字符序列中各字符之间的局部依赖信息和全局依赖信息,将两者拼接在一起得到组合特征向量;借助多层感知机,得到待检测域名属于不同域名类别的概率。仿真结果表明,基于一维卷积神经网络和自注意力机制等深度学习算法构建的虚假域名检测模型能够有效检测出恶意程序常用的虚假域名。
To detect illusory domains in malwares and further identify botnets and malwares,an illusory domain detection model based on deep learning was proposed.The model takes character sequences of domain character strings as inputs to respectively mine local and global dependency information among each character in character sequences by using one-dimensional convolutional neural network and self-attention mechanism.The combined characteristic vectors can be cal-culated through concatenating local and global dependency information.Probability of domains to be detected belonging to different domain categories was obtained by using multilayer.The simulation results show that the proposed domain generation algorithm domain detection model based on deep learning such as one-dimensional convolutional neural network and self-attention mechanism can effectively detect the illusory domains commonly used by malwares.
作者
刘子雁
李宁
张丞
崔博
王云霄
孔汉章
LIU Ziyan;LI Ning;ZHANG Cheng;CUI Bo;WANG Yunxiao;KONG Hanzhang(Information and Telecommunication Company,State Grid Shandong Electric Power Company,Jinan 250021,Shandong,China)
出处
《济南大学学报(自然科学版)》
CAS
北大核心
2022年第2期148-154,共7页
Journal of University of Jinan(Science and Technology)
基金
国家电网有限公司2019年总部科技项目(5700-201958464A-0-0-00)。
关键词
网络安全
域名检测模型
卷积神经网络
自注意力机制
cyber security
domain detection model
convolutional neural network
self-attention mechanism
