Classification for DGA-Based Malicious Domain Names with Deep Learning Architectures
International Journal of Intelligent Information Systems
Volume 6, Issue 6, December 2017, Pages: 67-71
Received: Dec. 5, 2017; Published: Dec. 6, 2017
Views 1798      Downloads 68
Authors
Feng Zeng, Han Sight (Beijing) Software Technology Co., Ltd, Beijing, China
Shuo Chang, Han Sight (Beijing) Software Technology Co., Ltd, Beijing, China
Xiaochuan Wan, Han Sight (Beijing) Software Technology Co., Ltd, Beijing, China
Article Tools
Follow on us
Abstract
The preemptive defenses against various malware created by domain generation algorithms (DGAs) have traditionally been solved using manually-crafted domain features obtained by heuristic process. However, it is difficult to achieve real-world deployment with most research on detecting DGA-based malicious domain names due to poor performance and time consuming. Based on the recent overwhelming success of deep learning networks in a broad range of applications, this article transfers five advanced learned ImageNet models from Alex Net, VGG, Squeeze Net, Inception, Res Net to classify DGA domains and non-DGA domains, which: (i) is suited to automate feature extraction from raw inputs; (ii) has fast inference speed and good accuracy performance; and (iii) is capable of handling large-scale data. The results show that the proposed approach is effective and efficient.
Keywords
Domain Generation Algorithm (DGA), Recurrent Neural Network (RNN), Deep Learning Architecture, Classification, Transfer Learning
To cite this article
Feng Zeng, Shuo Chang, Xiaochuan Wan, Classification for DGA-Based Malicious Domain Names with Deep Learning Architectures, International Journal of Intelligent Information Systems. Vol. 6, No. 6, 2017, pp. 67-71. doi: 10.11648/j.ijiis.20170606.11
References
[1]
Lever C, Kotzias P, Balzarotti D, et al. A Lustrum of Malware Network Communication: Evolution and Insights [C]. Security and Privacy. IEEE, 2017:788-804.
[2]
Antonakakis M, Perdisci R, Nadji Y, et al. From throw-away traffic to bots: detecting the rise of DGA-based malware [C]. Usenix Conference on Security Symposium. 2012:24-24.
[3]
Zhang Y, Zhang Y, Xiao J. Detecting the DGA-Based Malicious Domain Names [M]. Trustworthy Computing and Services. Springer Berlin Heidelberg, 2013:130-137.
[4]
Woodbridge J, Anderson H S, Ahuja A, et al. Predicting Domain Generation Algorithms with Long Short-Term Memory Networks [J]. 2016.
[5]
Anderson H S, Woodbridge J, Filar B. Deep DGA: Adversarially-Tuned Domain Generation and Detection [J]. 2016:13-21.
[6]
Krizhevsky A, Sutskever I, Hinton G E. ImageNet classification with deep convolutional neural networks [C]. International Conference on Neural Information Processing Systems. Curran Associates Inc. 2012:1097-1105.
[7]
Simonyan K, Zisserman A. Very Deep Convolutional Networks for Large-Scale Image Recognition [J]. Computer Science, 2014.
[8]
Forrest N. Iandola , Song Han , Matthew W. Moskewicz etc. SqueezeNet: AlexNet-level accuracy with 50x fewer parameters and <0.5MB model size [C]. International Conference on Learning Representations, 2016.
[9]
Szegedy C, Vanhoucke V, Ioffe S, et al. Rethinking the Inception Architecture for Computer Vision [C]. Computer Vision and Pattern Recognition. IEEE, 2016:2818-2826.
[10]
Szegedy C, Ioffe S, Vanhoucke V, et al. Inception-v4, Inception-Res Net and the Impact of Residual Connections on Learning [J]. 2016.
[11]
He K, Zhang X, Ren S, et al. Deep Residual Learning for Image Recognition [C]. Computer Vision and Pattern Recognition. IEEE, 2016:770-778.
[12]
Hinton G, Deng L, Yu D, et al. Deep Neural Networks for Acoustic Modeling in Speech Recognition: The Shared Views of Four Research Groups [J]. IEEE Signal Processing Magazine, 2012, 29(6):82-97.
[13]
Tianqi Chen, Mu Li, Yutian Li, Min Lin, Naiyan Wang, Minjie Wang, Tianjun Xiao, Bing Xu, Chiyuan Zhang, and Zheng Zhang. MXNet: A Flexible and Efficient Machine Learning Library for Heterogeneous Distributed Systems. In Neural Information Processing Systems, Workshop on Machine Learning Systems, 2015.
[14]
Tang S, Han S. Generate Image Descriptions based on Deep RNN and Memory Cells for Images Features [J]. 2016.
[15]
S. Hochreiter and J. Schmidhuber. Long short-term memory. Neural Computation, 9(8):1735–1780, 1997.
[16]
Woodbridge J, Anderson H S, Ahuja A, et al. Predicting Domain Generation Algorithms with Long Short-Term Memory Networks [J]. 2016.
[17]
Zhao B, Huang B, Zhong Y. Transfer Learning With Fully Pre trained Deep Convolution Networks for Land-Use Classification [J]. IEEE Geoscience & Remote Sensing Letters, 2017, 14(9):1436-1440.
[18]
“Does Alexa have a list of its top-ranked websites?” https://support.alexa.com/hc/en-us/articles/ 200449834-Does-Alexa-have-a-list-of-its-top-ranked-websites-. Accessed: 2016-04-06.
ADDRESS
Science Publishing Group
548 FASHION AVENUE
NEW YORK, NY 10018
U.S.A.
Tel: (001)347-688-8931