Malicious Domain Names Detection Algorithm Based on Lexical Analysis and Feature Quantification | |
Zhao, Hong2; Chang, Zhaobin2; Wang, Weijie2; Zeng, Xiangyan1 | |
刊名 | IEEE ACCESS
![]() |
2019 | |
卷号 | 7页码:128990-128999 |
关键词 | Malicious domain names N-gram domain name substring edit distance reputation value |
ISSN号 | 2169-3536 |
DOI | 10.1109/ACCESS.2019.2940554 |
英文摘要 | Malicious domain names usually refer to a series of illegal activities, posing threats to people's privacy and property. Therefore, the problem of detecting malicious domain names has aroused widespread concerns. In this study, a malicious domain names detection algorithm based on lexical analysis and feature quantification is proposed. To achieve efficient and accurate detection, the method includes two phases. The first phase checks an observed domain name against a blacklist of known malicious uniform resource locator (URLs). The observed domain name is classified as being definitely malicious or potentially malicious based on its edit distances to the domain names on the blacklist. The second phase further evaluates a potential malicious domain name by its reputation value that represents its lexical feature and is calculated based on an N-gram model. The top 100,000 normal domain names in Alexa are used to obtain a whitelist substring set using the N-gram method in which each domain name excluding the top-level domain is segmented into substrings with the length of 3, 4, 5, 6 and 7. The weighted values of the substrings are calculated according to their occurrence counts in the whitelist substring set. A potential malicious domain name is segmented by the N-gram method and its reputation value is calculated based on the weighted values of its substrings. Finally, the potential malicious domain name is determined to be malicious or normal based on its reputation value. The effectiveness of the proposed detection method has been demonstrated by experiments on public available data. |
资助项目 | Gansu Science Foundation of China[18JR3RA156] |
WOS研究方向 | Computer Science ; Engineering ; Telecommunications |
语种 | 英语 |
出版者 | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC |
WOS记录号 | WOS:000487233800068 |
状态 | 已发表 |
内容类型 | 期刊论文 |
源URL | [http://119.78.100.223/handle/2XXMBERH/32246] ![]() |
专题 | 计算机与通信学院 |
通讯作者 | Chang, Zhaobin |
作者单位 | 1.Ft Valley State Univ, Dept Math & Comp Sci, Ft Valley, GA 31030 USA 2.Lanzhou Univ Technol, Sch Comp & Commun, Lanzhou 730050, Gansu, Peoples R China |
推荐引用方式 GB/T 7714 | Zhao, Hong,Chang, Zhaobin,Wang, Weijie,et al. Malicious Domain Names Detection Algorithm Based on Lexical Analysis and Feature Quantification[J]. IEEE ACCESS,2019,7:128990-128999. |
APA | Zhao, Hong,Chang, Zhaobin,Wang, Weijie,&Zeng, Xiangyan.(2019).Malicious Domain Names Detection Algorithm Based on Lexical Analysis and Feature Quantification.IEEE ACCESS,7,128990-128999. |
MLA | Zhao, Hong,et al."Malicious Domain Names Detection Algorithm Based on Lexical Analysis and Feature Quantification".IEEE ACCESS 7(2019):128990-128999. |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论