Multimodel Collaboration to Combat Malicious Domain Fluxing
Published: 2023-10-02
Issue: 19
Volume: 12
Page: 4121
ISSN: 2079-9292
Container-title: Electronics
Language: en
Short-container-title: Electronics
Author:
Nie Yuanping (1), Liu Shuangshuang (2), Qian Cheng (1), Deng Congyi (2), Li Xiang (1), Wang Zhi (2), Kuang Xiaohui (1)
Affiliation:
1. National Key Laboratory of Science and Technology on Information System Security, Beijing 100085, China
2. DISSec, College of Cyber Science, Nankai University, Tianjin 300350, China
Abstract
This paper proposes a novel domain-generation-algorithm detection framework based on statistical learning that integrates the detection capabilities of multiple heterogeneous models. The framework includes both traditional machine learning methods based on artificial features and deep learning methods, comprehensively analyzing 34 artificial features and advanced features extracted from deep neural networks. Additionally, the framework evaluates the predictions of the base models based on the fit of the samples to each type of sample set and a predefined significance level. The predictions of the base models are statistically analyzed, and the final decision is made using strategies such as voting, confidence, and credibility. Experimental results demonstrate that the DGA detection framework based on statistical learning achieves a higher detection rate compared to the underlying base models, with accuracy, precision, recall, and F1 scores reaching 0.979, 0.977, 0.981, and 0.979, respectively. The framework also exhibits a stronger adaptability to unknown domains and a certain level of robustness against concept drift attacks.
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Hardware and Architecture, Signal Processing, Control and Systems Engineering