CSpace  > 中国科学院计算技术研究所期刊论文
HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection
Wang, Qing1,2; Dong, Cong3; Jian, Shijie4; Du, Dan1,2; Lu, Zhigang1,2; Qi, Yinhao1,2; Han, Dongxu1,2; Ma, Xiaobo5; Wang, Fei6; Liu, Yuling1,2
2023-02-01
发表期刊COMPUTERS & SECURITY
ISSN0167-4048
卷号125页码:14
摘要Malicious domains are crucial vectors for attackers to conduct malicious activities. With the increasing numbers in domain-based attack activities and the enhancement of attacker evasion methods, the de-tection of malicious domains has become critical and increasingly difficult. Statistical feature-based and graph structure-based detection methods are mainstream technical approaches. However, highly hidden domains can escape feature detection, and the detection range of graph structure-based methods is lim-ited. Based on these, we propose a malicious detection method called HANDOM. HANDOM combines statistical features and graph structural information to neutralize their limitations, and uses the Hetero-geneous Attention Network (HAN) model to jointly handle both information to achieve high-performance malicious domain classification. We conduct experimental evaluations on real-world datasets and com-pare HANDOM with machine learning methods and other malicious detection methods. The results present that HANDOM has superior and robust performance, and can identify highly hidden domains.(c) 2022 Elsevier Ltd. All rights reserved.
关键词Malware domain detection Spatial -Temporal contextual correlation Heterogeneous attention network Statistical -and -Structural information
DOI10.1016/j.cose.2022.103059
收录类别SCI
语种英语
资助项目National Key Research and Development Program of China[2021YFF0307203] ; National Key Research and Development Program of China[2019QY1303] ; National Key Research and Development Program of China[2019QY1302] ; NSFC[61902376] ; Strategic Priority Research Program of the Chinese Academy of Sciences[XDC02040100] ; National Engineering Research Center of Classified Protection and Safeguard Technology for Cybersecurity[C21640-3] ; NIM RD Project[35-AKYZD20 08-3] ; Program of Key Laboratory of Network Assessment Technology ; Chinese Academy of Sciences ; Program of Beijing Key Laboratory of Network Security and Protection Technology
WOS研究方向Computer Science
WOS类目Computer Science, Information Systems
WOS记录号WOS:000911578800001
出版者ELSEVIER ADVANCED TECHNOLOGY
引用统计
被引频次:4[WOS]   [WOS记录]     [WOS相关记录]
文献类型期刊论文
条目标识符http://119.78.100.204/handle/2XEOYT63/20082
专题中国科学院计算技术研究所期刊论文
通讯作者Liu, Yuling
作者单位1.Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China
2.Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
3.Zhongguancun Lab, Beijing, Peoples R China
4.Minist Publ Secur, Res Inst 1, Beijing, Peoples R China
5.Xi An Jiao Tong Univ, Sch Comp Sci & Technol, Xian, Peoples R China
6.Chinese Acad Sci, Inst Comp Technol, Beijing, Peoples R China
推荐引用方式
GB/T 7714
Wang, Qing,Dong, Cong,Jian, Shijie,et al. HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection[J]. COMPUTERS & SECURITY,2023,125:14.
APA Wang, Qing.,Dong, Cong.,Jian, Shijie.,Du, Dan.,Lu, Zhigang.,...&Liu, Yuling.(2023).HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection.COMPUTERS & SECURITY,125,14.
MLA Wang, Qing,et al."HANDOM: Heterogeneous Attention Network Model for Malicious Domain Detection".COMPUTERS & SECURITY 125(2023):14.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Wang, Qing]的文章
[Dong, Cong]的文章
[Jian, Shijie]的文章
百度学术
百度学术中相似的文章
[Wang, Qing]的文章
[Dong, Cong]的文章
[Jian, Shijie]的文章
必应学术
必应学术中相似的文章
[Wang, Qing]的文章
[Dong, Cong]的文章
[Jian, Shijie]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。