Wang, Z.
and Guo, Y.
(2021),
Neural Networks Based Domain Name Generation, Journal of Information Security and Applications, [online], https://doi.org/10.1016/j.jisa.2021.102948
(Accessed April 27, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Neural Networks Based Domain Name Generation
Published
Author(s)
,
Abstract
Domain generation algorithm (DGA) is commonly used to dynamically produce a large number of random domain names and select a small subset for actual use. DGA provides a method to make DNS mapping elusive and thereby make countermeasures ineffective. Modern DGAs are constantly evolving towards evading detection efforts. Detection techniques are also advancing in recent years with proven accuracy in identifying DGA generated domain names. In this paper, we propose the neural networks based domain name generation (NDG). NDG is based on variational autoencoder (VAE) whose encoder and decoder networks use stacked gated convolutional neural networks (GCNNs) to learn the contextual structure hierarchically. Experiment results show that both state-of-the-art DGA detection metrics (KL, ED, and JI) and existing detection systems (Cymon and Iit-Cnr) have difficulty detecting domain names generated by NDG, and NDG generally outperforms the representative existing DGAs.Citation
Journal of Information Security and Applications
Volume
61
Pub Type
Journals
Download Paper
Keywords
Domain generation algorithm, generative neural networks, variational autoencoder, detection metrics
Citation
Created September 1, 2021, Updated August 30, 2023