| 一种基于深度学习的快速DGA域名分类算法 |
| |
| 引用本文: | 刘洋,赵科军,葛连升,刘恒.一种基于深度学习的快速DGA域名分类算法[J].山东大学学报(理学版),2019,54(7):106-112. |
| |
| 作者姓名: | 刘洋 赵科军 葛连升 刘恒 |
| |
| 作者单位: | 1.山东大学信息化工作办公室, 山东 济南 250100;2.山东大学计算机科学与技术学院, 山东 青岛 266237;3.中电长城网际系统应用有限公司, 北京 102209 |
| |
| 基金项目: | 十三五国家重点研发计划(2017YFB0803004);赛尔网络下一代互联网技术创新项目(NGII20150412) |
| |
| 摘 要: | 提出了一种基于深度学习的CNN-LSTM-Concat快速DGA域名分类算法,使用多层一维卷积网络对域名字符进行序列化处理,LSTM网络层用于强化获取字符间长距离依赖关系。通过将LSTM的多序列输入转化为单向量输入,在保证检测性能的前提下,能够大幅提高训练和检测速度。实验证明,我们的方法对DGA域名分类的准率在公开数据集上达到98.32%。同时,在准确率相比主流的LSTM方法更高的情况下,检测时间比LSTM方法快6.41倍。
|
| 关 键 词: | 域名生成算法 卷积网络 LSTM |
A fast DGA domain detection algorithm based on deep learning |
| |
| LIU Yang,ZHAO Ke-jun,GE Lian-sheng,LIU Heng.A fast DGA domain detection algorithm based on deep learning[J].Journal of Shandong University,2019,54(7):106-112. |
| |
| Authors: | LIU Yang ZHAO Ke-jun GE Lian-sheng LIU Heng |
| |
| Institution: | 1. Informatization Office, Shandong University, Jinan 250100, Shandong, China;2. School of Computer Science and Technology, Jinan 266237, Shandong, China;3. Zhongdian Great Wall Internetworking System Application Co., Ltd, Beijing 102209, China |
| |
| Abstract: | A CNN-LSTM-Concat fast DGA domain classification algorithm based on deep learning is proposed. The multi-layer one-dimensional convolution networks are used to serialize domain name characters. The LSTM network layer is used to enhance the long-distance dependence between characters. By converting the multi-sequence input of LSTM into a single vector input, the training and detection speed can be greatly improved under the premise of ensuring the detection performance. Experiments show that our method has a precision of 98.32% for DGA domain classification using public datasets. At the same time, the detection time is 6.41 times faster than the LSTM method when the accuracy is higher than the epidemic LSTM methods. |
| |
| Keywords: | DGA CNN LSTM |
|
| 点击此处可从《山东大学学报(理学版)》浏览原始摘要信息 |
| 点击此处可从《山东大学学报(理学版)》下载免费的PDF全文 |
|
