计算机科学
领域(数学分析)
图形
特征(语言学)
机器学习
人工智能
网络安全
数据挖掘
计算机安全
理论计算机科学
数学
语言学
数学分析
哲学
作者
Qing Wang,Chunyan Dong,Shijie Jian,Dan Du,Zhigang Lu,Yinhao Qi,Dongxu Han,Xiaobo Ma,Fei Wang,Yuling Liu
标识
DOI:10.1016/j.cose.2022.103059
摘要
Malicious domains are crucial vectors for attackers to conduct malicious activities. With the increasing numbers in domain-based attack activities and the enhancement of attacker evasion methods, the detection of malicious domains has become critical and increasingly difficult. Statistical feature-based and graph structure-based detection methods are mainstream technical approaches. However, highly hidden domains can escape feature detection, and the detection range of graph structure-based methods is limited. Based on these, we propose a malicious detection method called HANDOM. HANDOM combines statistical features and graph structural information to neutralize their limitations, and uses the Heterogeneous Attention Network (HAN) model to jointly handle both information to achieve high-performance malicious domain classification. We conduct experimental evaluations on real-world datasets and compare HANDOM with machine learning methods and other malicious detection methods. The results present that HANDOM has superior and robust performance, and can identify highly hidden domains.
科研通智能强力驱动
Strongly Powered by AbleSci AI