HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection
Document type: Journal article
Authors | Wang, Qing5,6; Dong, Cong4; Jian, Shijie3; Du, Dan5,6; Lu, Zhigang5,6; Qi, Yinhao5,6; Han, Dongxu5,6; Ma, Xiaobo2; Wang, Fei1; Liu, Yuling5,6 |
Journal | COMPUTERS & SECURITY |
Publication date | 2023-02-01 |
Volume | 125; pages: 14 |
ISSN | 0167-4048 |
Keywords | Malware domain detection; Spatial-Temporal contextual correlation; Heterogeneous attention network; Statistical-and-Structural information |
DOI | 10.1016/j.cose.2022.103059 |
Abstract (English) | Malicious domains are crucial vectors for attackers to conduct malicious activities. With the increasing numbers in domain-based attack activities and the enhancement of attacker evasion methods, the detection of malicious domains has become critical and increasingly difficult. Statistical feature-based and graph structure-based detection methods are mainstream technical approaches. However, highly hidden domains can escape feature detection, and the detection range of graph structure-based methods is limited. Based on these, we propose a malicious detection method called HANDOM. HANDOM combines statistical features and graph structural information to neutralize their limitations, and uses the Heterogeneous Attention Network (HAN) model to jointly handle both information to achieve high-performance malicious domain classification. We conduct experimental evaluations on real-world datasets and compare HANDOM with machine learning methods and other malicious detection methods. The results present that HANDOM has superior and robust performance, and can identify highly hidden domains. (c) 2022 Elsevier Ltd. All rights reserved. |
Funding | National Key Research and Development Program of China[2021YFF0307203] ; National Key Research and Development Program of China[2019QY1303] ; National Key Research and Development Program of China[2019QY1302] ; NSFC[61902376] ; Strategic Priority Research Program of the Chinese Academy of Sciences[XDC02040100] ; National Engineering Research Center of Classified Protection and Safeguard Technology for Cybersecurity[C21640-3] ; NIM RD Project[35-AKYZD20 08-3] ; Program of Key Laboratory of Network Assessment Technology ; Chinese Academy of Sciences ; Program of Beijing Key Laboratory of Network Security and Protection Technology |
WOS research area | Computer Science |
Language | English |
Publisher | ELSEVIER ADVANCED TECHNOLOGY |
WOS accession number | WOS:000911578800001 |
Source URL | [http://119.78.100.204/handle/2XEOYT63/20081] |
Collection | Institute of Computing Technology, Chinese Academy of Sciences: Journal articles |
Corresponding author | Liu, Yuling |
Author affiliations | 1.Chinese Acad Sci, Inst Comp Technol, Beijing, Peoples R China 2.Xi An Jiao Tong Univ, Sch Comp Sci & Technol, Xian, Peoples R China 3.Minist Publ Secur, Res Inst 1, Beijing, Peoples R China 4.Zhongguancun Lab, Beijing, Peoples R China 5.Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China 6.Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China |
Recommended citation: GB/T 7714 | Wang, Qing,Dong, Cong,Jian, Shijie,et al. HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection[J]. COMPUTERS & SECURITY,2023,125:14. |
APA | Wang, Qing.,Dong, Cong.,Jian, Shijie.,Du, Dan.,Lu, Zhigang.,...&Liu, Yuling.(2023).HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection.COMPUTERS & SECURITY,125,14. |
MLA | Wang, Qing,et al."HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection".COMPUTERS & SECURITY 125(2023):14. |
Ingest method: OAI harvesting
Source: Institute of Computing Technology