Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Malicious domain name detection method and system based on RNN-SPP network

A domain name detection and domain name technology, applied in the field of network security, can solve the problems of passive defense, low efficiency, and unsatisfactory detection accuracy.

Inactive Publication Date: 2019-09-10
FUZHOU UNIV
View PDF5 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Under the background of the rapid development of global network informatization, the existing methods mostly have problems such as low efficiency, unsatisfactory detection accuracy and passive defense in the face of a large number of DGA domain names with diverse sources.
At the same time, these domain names are very difficult to detect in the face of the way they are generated and contacted every day

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious domain name detection method and system based on RNN-SPP network
  • Malicious domain name detection method and system based on RNN-SPP network
  • Malicious domain name detection method and system based on RNN-SPP network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0085] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0086] Please refer to figure 1 , the present invention provides a kind of malicious domain name detection method based on RCNN-SPP network, comprises the following steps:

[0087] Step A: Collect normal domain name and malicious domain name samples, preprocess the domain name samples, and assign category labels to obtain a domain name character sequence training set D with category labels;

[0088] Step B: Using the Borderline-SMOTE oversampling algorithm, for the minority class samples in the domain name character sequence training set D with class labels, synthesize new minority class samples through interpolation, and balance the domain name character sequence training set D with class labels Class sample distribution, to obtain a balanced domain name character sequence training set D with category labels E ;

[0089] Step C: Use the equalized do...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a malicious domain name detection method based on RNN-SPP network which comprises the following steps: carrying out data preprocessing on domain names in a training set to obtain a domain name character sequence training set D; performing equalization data synthesis on the domain name character sequence training set D by utilizing an improved SMOTE algorithm to obtain an equalization-enhanced training set D '; constructing and initializing a neural network model comprising a cyclic convolution RCNN based on spatial pyramid SPP pooling; converting the domain name in thetraining set D' into a representation vector with a fixed length; inputting the representation vector of the domain name obtained in the step D into the RCNN-SPP neural network model to obtain a feature vector of the domain name; inputting the context vector of the domain name into a full connection layer of the neural network model to obtain a trained neural network model; and converting the domain name to be judged into a character sequence, inputting the character sequence into the trained neural network model, and outputting a judgment result.

Description

technical field [0001] The invention relates to the field of network security, in particular to an RCNN-SPP network-based malicious domain name detection method and system. Background technique [0002] DGA (Domain Name Generation Algorithm) is a technical method that uses random characters to generate C&C domain names to evade domain name blacklist detection. In order to prevent C2 (Command&Control) traffic that generates DGA, security organizations must first discover the DGA algorithm through reverse engineering, and then generate a list of domains with a given seed, in order to deal with malicious domain names in a timely manner. DGA technology will greatly increase the difficulty of combating and shutting down central structure botnets (such as Conficker-A / B / C bots, Krabenbotnet, etc.): Botnets use this technology to dynamically generate domain names in order to avoid domain name blacklists. Faced with this situation, inspectors need to detect and identify the DGA fami...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12G06N3/04G06N3/08
CPCH04L63/1416H04L63/1441G06N3/084H04L2463/144H04L61/4511G06N3/045
Inventor 陈羽中张毓东郭昆张衍坤
Owner FUZHOU UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com