Credibility-Based Internet Malicious Domain Name Detection Method

A domain name detection and credibility technology, applied in network data retrieval, secure communication devices, network data indexing, etc., can solve the problems of obvious model degradation, difficulty in resisting new domain names, and inability to obtain comprehensive and accurate results in domain name prediction. Achieving the effect of enhancing diversity and changing the way of analysis

Active Publication Date: 2022-05-27
NANKAI UNIV
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to solve the problem that traditional analysis methods are difficult to resist new domain names and the degree of model degradation is obvious in the case of increasing number of domain names, resulting in the inability to obtain comprehensive and accurate results for domain name predictions, and to provide a credibility-based Internet Malicious domain name detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Credibility-Based Internet Malicious Domain Name Detection Method
  • Credibility-Based Internet Malicious Domain Name Detection Method
  • Credibility-Based Internet Malicious Domain Name Detection Method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0068] The present invention takes the modeling of eigenvalues ​​as an example for specific description. Any machine learning algorithm that establishes a model by inputting eigenvalues ​​of a domain name set can be used in this method. The method flow is as follows: figure 1 , in this embodiment, four machine learning algorithms, XGBoost, LSTM, Bagging, and Support Vector Machine (SVM), are used as examples to illustrate, and the specific introduction is as follows:

[0069] XGBoost, the full name of eXtreme Gradient Boosting, is a boosting iterative algorithm and tree algorithm based on GBDT. It is mainly used in classification and regression. It has fast speed and good effect. It can process a large amount of data in parallel, and supports custom loss functions. Regularization, with high flexibility, capable of missing value processing and pruning, built-in cross-validation, and continuous training on the basis of existing models, etc., but the release time of xgboost is sho...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A credibility-based detection method for Internet malicious domain names is applied in the field of cyberspace security. Including: 1. Use XGBoost, LSTM, Bagging and other machine learning to learn from a large number of malicious domain name samples and normal domain name samples, and establish a malicious domain name detection model with various heterogeneous algorithms; 2. Calculate through statistical learning algorithms The credibility of XGBoost, LSTM, Bagging and other detection models for the prediction results of suspicious domain names; third, use the credibility of the calculated model prediction results to fuse the prediction results of multiple models to realize the collaborative defense of heterogeneous models. The present invention selects 13 domain name feature values, uses various machine learning models to analyze domain names to obtain credibility, and adopts a simple voting method to fuse models on the basis of credibility, thereby improving the accuracy of domain name analysis.

Description

technical field [0001] The invention belongs to the field of computer network space security. Background technique [0002] With the development of the network, cyberspace security has received attention from all aspects, and the emerging cyberspace security threats have become new challenges that people have to face. The rapid growth of targeted network attacks has directly spawned domain name services; and domain name analysis has always been a hot issue in the field of cyberspace security, which can make threats more visible, respond to targeted attacks more quickly, strengthen strategic planning and investment, and effectively mitigate At present, the problem of offense and defense asymmetry in combating network attacks also provides technical support for real-time awareness of network situations. In recent years, the number of cyberspace security threats in my country has surged. However, in our country's analysis of malicious domain names, there are still problems su...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F16/33G06F16/951H04L9/40H04L61/4511G06N20/00
CPCG06F16/3331G06F16/951H04L63/1416G06N20/00H04L61/4511
Inventor 王志李涵林宇量詹婧于涛
Owner NANKAI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap