Abstract
Network attackers use malicious domain to perform illegal activities such as online fishing and cyber fraud. This seriously endangers Internet users’ security and challenges national network management. Since domain resolution is an important step to obtain network resources, rapid and effective identification of malicious domain is an important technical means of network security. The existing malicious domain detection methods have two deficiencies: one is that the feature discrimination is not strong, resulting in the low accuracy in practical application; the other is that the training and recognition speed of detection model is slow. A new method based on heterogeneous information network and fusion features, named MDND-HMF model, is proposed in this paper. The model can comprehensively extract multiple features such as domain relationship, text and statistical features from DNS resolution traffic. The comprehensive experiments on the real-world dataset compared with two representative methods indicate that our method has the highest recognition accuracy of malicious domain, up to 86.7%. And the training time of MDND-HMF model is the shortest, which is nearly an order of magnitude lower than the method with the second highest accuracy. Our work provides a practical and effective solution for malicious domain detection.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
