Large-scale malicious domain detection system and method based on self-feedback learning

A domain name detection and self-feedback technology, applied in transmission systems, electrical components, etc., that addresses the short survival time of malicious domain names and their being no longer available, and achieves a reduced detection burden and improved processing efficiency and accuracy.

Active Publication Date: 2018-11-02
SHANGHAI JIAO TONG UNIV

AI Technical Summary

Problems solved by technology

Such malicious domain names have a short survival time. By the time the blacklist is updated, the attack is likely to be over or the domain name is no longer available. A detection system that can respond quickly and in time is needed to deal with this kind of attack.



Embodiment Construction

[0043] The following describes several preferred embodiments of the present invention with reference to the accompanying drawings, so as to make the technical content clearer and easier to understand. The present invention can be embodied in many different forms of embodiments, and the protection scope of the present invention is not limited to the embodiments mentioned herein.

[0044] In the drawings, components with the same structure are denoted by the same numerals, and components with similar structures or functions are denoted by similar numerals. The size and thickness of each component shown in the drawings are shown arbitrarily, and the present invention does not limit the size and thickness of each component. In order to make the illustration clearer, the thickness of parts is appropriately exaggerated in some places in the drawings.

[0045] The invention provides a malicious domain name detection system based on self-feedback learning, which includes three parts:...


Abstract

The invention discloses a large-scale malicious domain detection system and method based on self-feedback learning, and relates to the technical field of computer network security. To address the deficiencies of existing detection technology in mass data processing and detection model updating, a real-time malicious domain detection system applicable to large-scale data is designed and implemented. A method of extracting a small data set for verification and updating is proposed, which improves online learning efficiency. The core algorithms comprise an algorithm for detecting malicious domains based on a support vector machine (SVM) in mass real-time domain detection, an online learning algorithm, fSVM, based on self-feedback learning, and an automatic calibration algorithm. Theoretical demonstration and experimental verification show that the algorithms provided by the invention respond in a timely manner when newly appearing malicious domains are encountered, and achieve excellent operating efficiency. The system and method also provide further analysis of the detected malicious domains, and play an enlightening role in perceiving threat intelligence related to malicious domains.

Description

Technical field

[0001] The invention relates to the technical field of computer network security, in particular to a large-scale malicious domain name detection system and method based on self-feedback learning.

Background technique

[0002] A DDoS attack is a common attack launched by a controlled botnet. A botnet is a collection of infected systems. Attackers need to use DNS to resolve the address of the control server. At the same time, technologies such as Fast Flux hide the source of the attack by linking a collection of multiple IP addresses to a specific domain name and swapping new addresses in and out of DNS records to avoid detection. DNS communication as a covert channel has also begun to be widely used by attackers. Random Domain Name Generation Algorithm (DGA) is a domain name generation algorithm used by hackers to evade detection. Traditional detection methods use blacklist databases to detect malicious domain names, but they are helpless in the face of this new...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/12
CPC: H04L63/1416, H04L63/1425, H04L61/4511
Inventor: 邹福泰, 朱家琛, 李林森, 吴越
Owner: SHANGHAI JIAO TONG UNIV