Malicious domain name detection method
A technology of domain name detection and detection method, applied in the field of information security, can solve the problems of low accuracy and low detection efficiency, and achieve the effect of high accuracy, high detection efficiency and improved accuracy.
Active Publication Date: 2019-09-17
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF7 Cites 6 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] The present invention provides a malicious domain name detection method for solving the problems of low detection efficiency and low accuracy of existing malicious domain name detection methods
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreExamples
Experimental program
Comparison scheme
Effect test
Embodiment
[0029] The technical scheme of the present invention is illustrated in detail below.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention relates to an information security technology, and solves the problems of relatively low detection efficiency and relatively low accuracy of an existing malicious domain name detection method. The technical scheme is summarized as follows: judging whether a to-be-detected domain name exists in a blacklist and a whitelist; for a to-be-detected domain name which does not exist in a black and white list, using a K nearest neighbor algorithm for classifying and recognizing a malicious domain name, for a non-malicious domain name recognized by the K nearest neighbor algorithm, using one or more detection means for analyzing the danger of the non-malicious domain name, and using a danger scoring mechanism for recognizing the malicious domain name. The method has the beneficial effects that a set of multi-level detection mode of malicious domain names is formed through ordered combination of black and white list detection, K neighbor attribute detection and danger score detection, the detection accuracy is improved, and the detection efficiency is high.
Description
technical field [0001] The invention relates to information security technology, in particular to domain name detection technology. Background technique [0002] With the popularization of the Internet, Internet crimes occur frequently, seriously damaging the interests of the country, enterprises and individuals. In the process of phishing, attackers use deceptive e-mails, mobile phone text messages, etc. to induce users to visit malicious domain names to carry out network fraud activities. After accessing these malicious domain names, users expose their personal privacy and even cause certain economic losses to users. loss. In the prior art, detection methods for malicious domain names are generally based on threat intelligence databases, manual analysis algorithms, etc. to identify malicious domain names. The method for determining malicious domain names is single and inaccurate. When there are malicious domain names with various methods, the detection efficiency is low....
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1416H04L63/1483H04L61/4511
Inventor 常清雪周玉廷
Owner SICHUAN CHANGHONG ELECTRIC CO LTD