A semantic element representation model for malicious domain name detection. (May 2022)
- Record Type:
- Journal Article
- Title:
- A semantic element representation model for malicious domain name detection. (May 2022)
- Main Title:
- A semantic element representation model for malicious domain name detection
- Authors:
- Yang, Luhui
Liu, Guangjie
Wang, Jinwei
Zhai, Jiangtao
Dai, Yuewei - Abstract:
- Abstract: The existing detection methods of algorithmically generated malicious domain names lack theoretical modelling methods for domain name element composition. To address this problem, a semantic element representation model for domain names is constructed based on the set of semantic elements of domain names and the probabilistic context free grammar model. The model first analyses and categorises the constituent elements of the domain name, and then proposes a syntax tree analysis method for the semantical relationships between the elements, which enables efficient representation of multiple elements in domain names. Based on the proposed model, the malicious domain names are categorised into four categories: random character-based, word-based, predicted character-based, and multi-element hybrid. Experiments are conducted to analyse the anomalies and concealment of domain names, the results denote that there are significant differences between malicious and legitimate domain names, as well as between malicious domain names, and the comparative experimental results denote the proposed model can effectively improve the detection accuracy of malicious domain names.
- Is Part Of:
- Journal of information security and applications. Volume 66(2022)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 66(2022)
- Issue Display:
- Volume 66, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 66
- Issue:
- 2022
- Issue Sort Value:
- 2022-0066-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-05
- Subjects:
- Domain generation algorithms -- Representation model -- Malicious domain name -- Information security
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/ ↗
- DOI:
- 10.1016/j.jisa.2022.103148 ↗
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 21235.xml