Detecting Algorithmically Generated Domains Using a GCNN-LSTM Hybrid Neural Network

• URL: http://arxiv.org/abs/2208.03445v1
• Date: Sat, 6 Aug 2022 05:15:45 GMT
• Title: Detecting Algorithmically Generated Domains Using a GCNN-LSTM Hybrid Neural Network
• Authors: Zheng Wang
• Abstract summary: Domain generation algorithm (DGA) is used by botnets to build a stealthy command and control (C&C) communication channel. AGD detection algorithms provide a lightweight, promising solution in response to the existing DGA techniques. In this paper, a GCNN (gated convolutional neural network)-LSTM (long short-term memory) Hybrid Neural Network (GLHNN) for AGD detection is proposed.
• Score: 10.617124610646488
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Domain generation algorithm (DGA) is used by botnets to build a stealthy command and control (C&C) communication channel between the C&C server and the bots. A DGA can periodically produce a large number of pseudo-random algorithmically generated domains (AGDs). AGD detection algorithms provide a lightweight, promising solution in response to the existing DGA techniques. In this paper, a GCNN (gated convolutional neural network)-LSTM (long short-term memory) Hybrid Neural Network (GLHNN) for AGD detection is proposed. In GLHNN, GCNN is applied to extract the informative features from domain names on top of LSTM which further processes the feature sequence. GLHNN is experimentally validated using representative AGDs covering six classes of DGAs. GLHNN is compared with the state-of-the-art detection models and demonstrates the best overall detection performance among these tested models.

Related papers

• High-Pass Graph Convolutional Network for Enhanced Anomaly Detection: A Novel Approach [0.0]
  This paper proposes a novel approach by introducing a High-Pass Graph Convolution Network (HP-GCN) for Graph Anomaly Detection (GAD) The proposed HP-GCN leverages high-frequency components to detect anomalies, as anomalies tend to increase high-frequency signals within the network of normal nodes. The model is evaluated and validated on YelpChi, Amazon, T-Finance, and T-Social datasets.
  arXiv  Detail & Related papers  (2024-11-04T05:38:07Z)
• Global Confidence Degree Based Graph Neural Network for Financial Fraud Detection [3.730504020733928]
  This paper presents the concept and calculation formula of Global Confidence Degree (GCD) and thus designs GCD-based GNN (GCD-GNN) To obtain a precise GCD for each node, we use a multilayer perceptron to transform features and then the new features and the corresponding prototype are used to eliminate unnecessary information. Experiments on two public datasets demonstrate that GCD-GNN outperforms state-of-the-art baselines.
  arXiv  Detail & Related papers  (2024-07-24T14:55:37Z)
• Edge Graph Neural Networks for Massive MIMO Detection [15.970981766599035]
  Massive Multiple-Input Multiple-Out (MIMO) detection is an important problem in modern wireless communication systems. While traditional Belief Propagation (BP) detectors perform poorly on loopy graphs, the recent Graph Neural Networks (GNNs)-based method can overcome the drawbacks of BP and achieve superior performance.
  arXiv  Detail & Related papers  (2022-05-22T08:01:47Z)
• HSMD: An object motion detection algorithm using a Hybrid Spiking Neural Network Architecture [0.2580765958706854]
  Object-motion-sensitive ganglion cells (OMS-GC) are specialised cells in the retina that sense moving objects. OMS-GC take as input continuous signals and produce spike patterns as output, that are transmitted to the Visual Cortex via the optic nerve. HSMD algorithm proposed in this work enhances the GSOC dynamic background subtraction (DBS) algorithm with a customised 3-layer spiking neural network (SNN) Results show that the HSMD was ranked overall first among the competing approaches.
  arXiv  Detail & Related papers  (2021-09-09T09:15:56Z)
• Identity-aware Graph Neural Networks [63.6952975763946]
  We develop a class of message passing Graph Neural Networks (ID-GNNs) with greater expressive power than the 1-WL test. ID-GNN extends existing GNN architectures by inductively considering nodes' identities during message passing. We show that transforming existing GNNs to ID-GNNs yields on average 40% accuracy improvement on challenging node, edge, and graph property prediction tasks.
  arXiv  Detail & Related papers  (2021-01-25T18:59:01Z)
• A Unified View on Graph Neural Networks as Graph Signal Denoising [49.980783124401555]
  Graph Neural Networks (GNNs) have risen to prominence in learning representations for graph structured data. In this work, we establish mathematically that the aggregation processes in a group of representative GNN models can be regarded as solving a graph denoising problem. We instantiate a novel GNN model, ADA-UGNN, derived from UGNN, to handle graphs with adaptive smoothness across nodes.
  arXiv  Detail & Related papers  (2020-10-05T04:57:18Z)
• Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters [78.53851936180348]
  We introduce two types of camouflages based on recent empirical studies, i.e., the feature camouflage and the relation camouflage. Existing GNNs have not addressed these two camouflages, which results in their poor performance in fraud detection problems. We propose a new model named CAmouflage-REsistant GNN (CARE-GNN) to enhance the GNN aggregation process with three unique modules against camouflages.
  arXiv  Detail & Related papers  (2020-08-19T22:33:12Z)
• LGNN: A Context-aware Line Segment Detector [53.424521592941936]
  We present a novel real-time line segment detection scheme called Line Graph Neural Network (LGNN) Our LGNN employs a deep convolutional neural network (DCNN) for proposing line segment directly, with a graph neural network (GNN) module for reasoning their connectivities. Compared with the state-of-the-art, LGNN achieves near real-time performance without compromising accuracy.
  arXiv  Detail & Related papers  (2020-08-13T13:23:18Z)
• Graph Neural Networks for Motion Planning [108.51253840181677]
  We present two techniques, GNNs over dense fixed graphs for low-dimensional problems and sampling-based GNNs for high-dimensional problems. We examine the ability of a GNN to tackle planning problems such as identifying critical nodes or learning the sampling distribution in Rapidly-exploring Random Trees (RRT) Experiments with critical sampling, a pendulum and a six DoF robot arm show GNNs improve on traditional analytic methods as well as learning approaches using fully-connected or convolutional neural networks.
  arXiv  Detail & Related papers  (2020-06-11T08:19:06Z)
• Binarized Graph Neural Network [65.20589262811677]
  We develop a binarized graph neural network to learn the binary representations of the nodes with binary network parameters. Our proposed method can be seamlessly integrated into the existing GNN-based embedding approaches. Experiments indicate that the proposed binarized graph neural network, namely BGN, is orders of magnitude more efficient in terms of both time and space.
  arXiv  Detail & Related papers  (2020-04-19T09:43:14Z)
• Real-Time Detection of Dictionary DGA Network Traffic using Deep Learning [5.915780927888678]
  Botnets and malware avoid detection by static rules engines when using domain generation algorithms (DGAs) for callouts to unique, dynamically generated web addresses. Common DGA detection techniques fail to reliably detect DGA variants that combine random dictionary words to create domain names that closely mirror legitimate domains. We create a novel hybrid neural network, Bilbo the bagging model, that analyses domains and scores the likelihood they are generated by such algorithms and therefore are potentially malicious.
  arXiv  Detail & Related papers  (2020-03-28T14:57:22Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.