Domain generation algorithm (DGA) is commonly used to dynamically produce a large number of random domain names and select a small subset for actual use. DGA provides a method to make DNS mapping elusive and thereby make countermeasures ineffective. Modern DGAs are constantly evolving towards evading detection efforts. Detection techniques are also advancing in recent years with proven accuracy in identifying DGA generated domain names. In this paper, we propose the neural networks based domain name generation (NDG). NDG is based on variational autoencoder (VAE) whose encoder and decoder networks use stacked gated convolutional neural networks (GCNNs) to learn the contextual structure hierarchically. Experiment results show that both state-of-the-art DGA detection metrics (KL, ED, and JI) and existing detection systems (Cymon and Iit-Cnr) have difficulty detecting domain names generated by NDG, and NDG generally outperforms the representative existing DGAs.
and Guo, Y.
Neural Networks Based Domain Name Generation, Journal of Information Security and Applications, [online], https://doi.org/10.1016/j.jisa.2021.102948
(Accessed September 22, 2023)