Chinese Journal of Network and Information Security ›› 2020, Vol. 6 ›› Issue (6): 112-120.doi: 10.11959/j.issn.2096-109x.2020084

• Papers • Previous Articles     Next Articles

Lightweight malicious domain name detection model based on separable convolution

Luhui YANG1(),Huiwen BAI1,Guangjie LIU1,2,Yuewei DAI1,2   

  1. 1 School of Automation,Nanjing University of Science and Technology,Nanjing 210094,China
    2 School of Electronic &Information Engineering,Nanjing University of Information Science and Technology,Nanjing 210044,China
  • Revised:2020-05-21 Online:2020-12-15 Published:2020-12-16
  • Supported by:
    The National Natural Science Foundation of China(U1836104)

Abstract:

The application of artificial intelligence in the detection of malicious domain names needs to consider both accuracy and calculation speed,which can make it closer to the actual application.Based on the above considerations,a lightweight malicious domain name detection model based on separable convolution was proposed.The model uses a separable convolution structure.It first applies depthwise convolution on every input channel,and then performs pointwise convolution on all output channels.This can effectively reduce the parameters of convolution process without impacting the effectiveness of convolution feature extraction,and realize faster convolution process while keeping high accuracy.To improve the detection accuracy considering the imbalance of the number and difficulty of positive and negative samples,a focal loss function was introduced in the training process of the model.The proposed algorithm was compared with three typical deep-learning-based detection models on a public data set.Experimental results denote that the proposed algorithm achieves detection accuracy close to the state-of-the-art model,and can significantly improve model inference speed on CPU.

Key words: separable convolution, domain generation algorithm, deep learning, cyber security

CLC Number: