Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-04-19 Cooperative journals: 《计算机应用研究》
Abstract: Many malware families such as botnet utilize domain generation algorithms(DGAs) to evade detection at present. The mainstream detection algorithms based on artificial rules and machine learning have some limitations due to the fact that DGAs generate domain characters timely and rapidly. The former is somewhat blind to new DGA variants. The latter suffers from the lack of evolving training data. In order to solve these problems, domain encoder and decoder on account of the method of Ascall encoding was defined in this paper and they were combined with the concept of generative adversarial network(GAN) to construct domain character generator. Then the generator was used to predict and generate DGA variants. Experiment results show that the DGA variants generated by this method can act as real DGA samples when these variants are utilized to train and estimate classifiers . This verifies the validity of the generated data and they can be effectively utilized to train and estimate DGA domain detector.
Hits
Hits
Downloads
Comment