Graph-based fast-flux domain detection using graph neural networks
文献类型:期刊论文
| 作者 | Xiong, Wei1,2,3; Wang, Yang2; Jiang, Haiyang2; Guan, Hongtao2 |
| 刊名 | COMPUTER NETWORKS
 |
| 出版日期 | 2026-04-01 |
| 卷号 | 278页码:13 |
| 关键词 | Fast-flux domain detection Network security Graph representation Graph sampling Graph neural networks |
| ISSN号 | 1389-1286 |
| DOI | 10.1016/j.comnet.2026.112075 |
| 英文摘要 | Fast-flux domains are frequently exploited by cybercriminals to perform various attacks, making their detection crucial for maintaining network security. Traditional detection methods rely on manually defined statistical indicators to characterize the spatial distribution of a domain's associated hosts, including the resolved hosts and authoritative name servers. However, given the increasingly decentralized nature of internet services, these statistical indicators may fail to capture the feature completely, resulting in inaccurate detection. To address this limitation, our proposed method leverages a graph structure to not only provide a more comprehensive representation of the existing feature but also incorporate a supplementary feature considering the spatial distribution between a domain's client and the resolved hosts assigned to it. At the same time, we customize a graph sampling method to avoid significant increase in detection time caused by excessive graph size. To determine whether the constructed graph represents a fast-flux or benign domain, twelve types of Graph Neural Network (GNN) models, formed by pairwise combinations of three graph convolution methods and four graph pooling methods, are examined. Evaluation datasets are constructed from both public sources and real-world data, demonstrating that the GAT-SAG model performs optimally among the twelve GNN models and significantly outperforms state-of-the-art statistics-based models in terms of accuracy, with only a tolerable increase in time consumption. |
| 资助项目 | National Key Research and Development Program of China |
| WOS研究方向 | Computer Science ; Engineering ; Telecommunications |
| 语种 | 英语 |
| WOS记录号 | WOS:001693413100001 |
| 出版者 | ELSEVIER |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/42785]  |
| 专题 | 中国科学院计算技术研究所 |
| 通讯作者 | Xiong, Wei |
| 作者单位 | 1.Univ Chinese Acad Sci, Hangzhou Inst Adv Study, Hangzhou, Peoples R China 2.Chinese Acad Sci, Inst Comp Technol, Beijing, Peoples R China 3.Univ Chinese Acad Sci, Beijing, Peoples R China |
| 推荐引用方式 GB/T 7714 | Xiong, Wei,Wang, Yang,Jiang, Haiyang,et al. Graph-based fast-flux domain detection using graph neural networks[J]. COMPUTER NETWORKS,2026,278:13. |
| APA | Xiong, Wei,Wang, Yang,Jiang, Haiyang,&Guan, Hongtao.(2026).Graph-based fast-flux domain detection using graph neural networks.COMPUTER NETWORKS,278,13. |
| MLA | Xiong, Wei,et al."Graph-based fast-flux domain detection using graph neural networks".COMPUTER NETWORKS 278(2026):13. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。