Abstract
With the rapid development of Internet technology, the network had served various industries, and the number of domains was increasing day by day. As a result, the detection of malicious domain had become increasingly difficult and important. Domain Generate Algorithm (DGA) was common in some botnets and APT attacks, Aiming at the problem of DGA domain can easily bypass traditional firewalls and intrusion detection devices, a DGA domain detection algorithm based on Long Short-Term Memory (LSTM) model was designed, whose detection accuracy rate is as high as 99.17%. Meanwhile, a Real-time Monitoring System for DGA Domain based on LSTM was proposed in combination with flow probe to monitor network traffic in real time and improve cyberspace protection capabilities.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
References
Sato, K., et al.: Extending black domain name list by using co-occurrence relation between DNS queries. ICE Trans. Commun. E95-B(3), 794–802 (2012)
Sandeep, Y., Krishna, R.A.K., et al.: Detecting algorithmically generated domain-flux attacks with DNS traffic analysis. IEEE/ACM Trans. Network. (TON) 20(05), 1663–1677 (2012)
Bilge, L., Sen, S., Balzarotti, D., et al.: Exposure: a passive DNS analysis service to detect and report malicious domains. ACM Trans. Inf. Syst. Secur. 16(4), 14:1–14:28 (2014)
Yann, L., Yoshua, B., Geoffrey, H.: Deep learning. Nature 521(7553), 436–444 (2015)
Woodbridge, J., Anderson, H.S., et al.: Predicting domain generation algorithms with long short-term memory networks. ArXiv Preprint ArXiv, 1611.00791 (2016)
Sepp, H., Jurgen, S.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)
Gupta, S.: Detecting attacks in high-speed networks: issues and solutions. Inf. Secur. J. A Glob. Perspect. 29(2), 51–61 (2020)
Shijie, L., Hong, N.: Scapy application for security testing of DDoS defense equipment. Network Secur. Technol. Appl. 01, 20–22 (2020)
Tomas, M., Ilya, S., Kai, C., et al.: Distributed representations of words and phrases and their compositionality. Adv. Neural. Inf. Process. Syst. 26, 3111–3119 (2013)
Liu, Y., Zhao, K., Ge, L., et al.: A fast DGA domain detection algorithm based on deep learning. J. Shandong Univ. (Nat. Sci.) 54(07), 106–112 (2019). (in Chinese)
Pei, L., Zhao, Y., Wang, Z., et al.: Comparison of DGA detection models using deep learning. Comput. Sci. 46(05), 111–115 (2019). (in Chinese)
Acknowledgements
This work was supported by University-Industry Collaborative Education Program (no. 201901007009, 201901041007); Primary Research & Development Plan of Jiangxi Province (no. 20192BBE50075); AFCEC Program (no. 2019-AFCEC-355).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, B., Wang, H. (2021). Real-Time Monitoring System for DGA Domain Based on Long Short-Term Memory. In: Abawajy, J., Choo, KK., Xu, Z., Atiquzzaman, M. (eds) 2020 International Conference on Applications and Techniques in Cyber Intelligence. ATCI 2020. Advances in Intelligent Systems and Computing, vol 1244. Springer, Cham. https://doi.org/10.1007/978-3-030-53980-1_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-53980-1_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-53979-5
Online ISBN: 978-3-030-53980-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)