Unlock instant, AI-driven research and patent intelligence for your innovation.

Malicious domain name detection method and device, electronic equipment and storage medium

A domain name detection and domain name technology, applied in the security field, can solve the problems of high false positive rate and low accuracy of domain name detection methods

Pending Publication Date: 2022-04-01
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present application is to provide a malicious domain name detection method, device, electronic equipment, and storage medium to improve the problems of high false alarm rate and low accuracy of domain name detection methods in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious domain name detection method and device, electronic equipment and storage medium
  • Malicious domain name detection method and device, electronic equipment and storage medium
  • Malicious domain name detection method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] The following will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the drawings in the embodiments of the present application.

[0051] It should be noted that the terms "system" and "network" in the embodiments of the present invention may be used interchangeably. "Multiple" means two or more, in view of this, "multiple" can also be understood as "at least two" in the embodiments of the present invention. "And / or" describes the association relationship of associated objects, indicating that there may be three types of relationships, for example, A and / or B may indicate: A exists alone, A and B exist simultaneously, and B exists independently. In addition, the character " / ", unless otherwise specified, generally indicates that the associated objects before and after are in an "or" relationship.

[0052] The embodiment of the present application provides a method for detecting a malicious domain nam...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a malicious domain name detection method and device, electronic equipment and a storage medium, and relates to the technical field of security. According to the method, a plurality of segmented words of a to-be-detected domain name are obtained and input into a fastText model, whether the to-be-detected domain name is a malicious domain name or not is detected through the fastText model, and a detection result is obtained, due to the fact that the fastText model can achieve a text classification function through a shallow neural network, in a text classification task, the text classification efficiency is greatly improved, and the detection efficiency is improved. Compared with the prior art, a shallow network can always obtain the precision comparable with that of a deep network, so that the fastText model is adopted to detect malicious domain names, the detection precision which can be achieved by the deep network can be achieved, and compared with a detection mode based on regular expressions or black and white lists in an existing mode, the scheme is higher in detection precision.

Description

technical field [0001] The present application relates to the field of security technologies, and in particular, relates to a malicious domain name detection method, device, electronic equipment, and storage medium. Background technique [0002] With the continuous development of Internet technology, network security issues have become increasingly prominent. At present, a large number of DGA domain names can be quickly generated through the Domain Generation Algorithm (DGA), and a robust botnet can be constructed through the DGA domain name. Attackers use botnets to launch cyber attacks on devices on the network. [0003] In order to improve network security, it is necessary to detect DGA domain names. At present, the commonly used detection technology is based on regular expressions or black and white lists. However, since DGA domain names are easy to generate and change quickly, use preset regular expressions or The black and white lists have a high rate of false alarms...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F40/289G06F40/216G06N3/04G06N3/08
Inventor 李金辉崔元浩
Owner BEIJING TOPSEC NETWORK SECURITY TECH