| 基于GRU型循环神经网络的随机域名检测 |
| |
| 引用本文: | 陈立国,张跃冬,耿光刚,延志伟.基于GRU型循环神经网络的随机域名检测[J].计算机系统应用,2018,27(8):198-202. |
| |
| 作者姓名: | 陈立国 张跃冬 耿光刚 延志伟 |
| |
| 作者单位: | 中国科学院 计算机网络信息中心, 北京 100190;中国科学院大学, 北京 100049;中国互联网络信息中心, 北京 100190,中国互联网络信息中心, 北京 100190,中国互联网络信息中心, 北京 100190,中国互联网络信息中心, 北京 100190 |
| |
| 基金项目: | 国家自然科学基金(61375039) |
| |
| 摘 要: | 随机域名是指由随机域名算法生成的域名,被针对计算机网络系统的恶意软件广泛使用,随机域名的检测任务是域名系统过滤攻击流量的基础性工作.传统方法对随机域名的检测效果不理想,精确率与召回率较低,导致过滤攻击流量时会出现较多的误判.本文提出和实现了一种基于GRU型循环神经网络的随机域名检测模型,该模型首先将域名转换成向量,然后借助GRU自动学习域名向量的特征,最后通过神经网络计算分类.相比于传统方法,该模型不再需要人工提取特征的过程,减少了特征提取的时间.且经过算法生成数据与真实场景数据的实验验证,该方法在随机域名检测任务中相比传统模型表现更加出色.
|
| 关 键 词: | 随机域名 GRU 循环神经网络 域名系统 流量过滤 |
| 收稿时间: | 2017/12/5 0:00:00 |
| 修稿时间: | 2017/12/27 0:00:00 |
Detection of Random Generated Names Using Recurrent Neural Network with Gated Recurrent Unit |
| |
| CHEN Li-Guo,ZHANG Yue-Dong,GENG Guang-Gang and YAN Zhi-Wei.Detection of Random Generated Names Using Recurrent Neural Network with Gated Recurrent Unit[J].Computer Systems& Applications,2018,27(8):198-202. |
| |
| Authors: | CHEN Li-Guo ZHANG Yue-Dong GENG Guang-Gang and YAN Zhi-Wei |
| |
| Affiliation: | Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China;University of Chinese Academy of Sciences, Beijing 100049, China;China Internet Network Information Center, Beijing 100190, China,China Internet Network Information Center, Beijing 100190, China,China Internet Network Information Center, Beijing 100190, China and China Internet Network Information Center, Beijing 100190, China |
| |
| Abstract: | Random domain names refer to the names generated by domain generation algorithms, which are widely used by the malware of the computer network system. The detection of random domain names is the basic work of the traffic filtering operation of the domain name system. The traditional method of detecting random domain name is not ideal and the precision and recall are low which will lead to erroneous judgement in attack traffic filtering. In this paper, the random names detection model are built based on recurrent neural network with gated recurrent unit. In this model, domain names are converted to vectors at first, then GRU are adopted to learn features automatically and which will be taken by the neural network to compute the class scores. Compared to traditional methods, this method is able to extract features without human help and which will reduce the time cost of feature extraction. This method performs better in the experiments of the algorithm generated data and the real world data than traditional models. |
| |
| Keywords: | random names GRU recurrent neural network domain name system traffic filtering |
|
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
|
