Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Neural Networks Based Domain Name Generation

Published

Author(s)

Zheng Wang, Yang Guo

Abstract

Domain generation algorithm (DGA) is commonly used to dynamically produce a large number of random domain names and select a small subset for actual use. DGA provides a method to make DNS mapping elusive and thereby make countermeasures ineffective. Modern DGAs are constantly evolving towards evading detection efforts. Detection techniques are also advancing in recent years with proven accuracy in identifying DGA generated domain names. In this paper, we propose the neural networks based domain name generation (NDG). NDG is based on variational autoencoder (VAE) whose encoder and decoder networks use stacked gated convolutional neural networks (GCNNs) to learn the contextual structure hierarchically. Experiment results show that both state-of-the-art DGA detection metrics (KL, ED, and JI) and existing detection systems (Cymon and Iit-Cnr) have difficulty detecting domain names generated by NDG, and NDG generally outperforms the representative existing DGAs.
Citation
Journal of Information Security and Applications
Volume
61

Keywords

Domain generation algorithm, generative neural networks, variational autoencoder, detection metrics

Citation

Wang, Z. and Guo, Y. (2021), Neural Networks Based Domain Name Generation, Journal of Information Security and Applications, [online], https://doi.org/10.1016/j.jisa.2021.102948 (Accessed October 15, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created September 1, 2021, Updated August 30, 2023