Journal on Communications, 2020, Vol. 41, Issue (5): 37-47. doi: 10.11959/j.issn.1000-436x.2020094
Chunyu HAN¹,², Yongzheng ZHANG²,³, Yu ZHANG¹
Revised: 2020-04-22
Online: 2020-05-25
Published: 2020-05-30
Chunyu HAN, Yongzheng ZHANG, Yu ZHANG. Fast-flucos: malicious domain name detection method for Fast-flux based on DNS traffic[J]. Journal on Communications, 2020, 41(5): 37-47.
10-fold group number | Recall | Precision | ROC_AUC |
1 | 0.9960 | 0.9810 | 0.9926 |
2 | 1.0000 | 0.9830 | 0.9937 |
3 | 1.0000 | 0.9750 | 0.9923 |
4 | 1.0000 | 0.9770 | 0.9947 |
5 | 0.998 | 0.9740 | 0.9932 |
6 | 0.998 | 0.9710 | 0.9925 |
7 | 1.0000 | 0.9710 | 0.9930 |
8 | 0.996 | 0.9800 | 0.9922 |
9 | 0.998 | 0.9720 | 0.9901 |
10 | 1.0000 | 0.9830 | 0.9942 |
Average | 0.9986 | 0.9767 | 0.9929 |