Relevant bibliographies by topics / Domain Generation Algorithm (DGA)

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Book chapters
  4. Conference papers
  5. Reports

Academic literature on the topic 'Domain Generation Algorithm (DGA)'

Author: Grafiati
Published: 5 June 2025
Last updated: 15 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Domain Generation Algorithm (DGA).'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Domain Generation Algorithm (DGA)"

1

Hwang, Chanwoong, Hyosik Kim, Hooki Lee, and Taejin Lee. "Effective DGA-Domain Detection and Classification with TextCNN and Additional Features." Electronics 9, no. 7 (2020): 1070. http://dx.doi.org/10.3390/electronics9071070.

Full text
Abstract:
Malicious codes, such as advanced persistent threat (APT) attacks, do not operate immediately after infecting the system, but after receiving commands from the attacker’s command and control (C&C) server. The system infected by the malicious code tries to communicate with the C&C server through the IP address or domain address of the C&C server. If the IP address or domain address is hard-coded inside the malicious code, it can analyze the malicious code to obtain the address and block access to the C&C server through security policy. In order to circumvent this address blocking technique, domain generation algorithms are included in the malware to dynamically generate domain addresses. The domain generation algorithm (DGA) generates domains randomly, so it is very difficult to identify and block malicious domains. Therefore, this paper effectively detects and classifies unknown DGA domains. We extract features that are effective for TextCNN-based label prediction, and add additional domain knowledge-based features to improve our model for detecting and classifying DGA-generated malicious domains. The proposed model achieved 99.19% accuracy for DGA classification and 88.77% accuracy for DGA class classification. We expect that the proposed model can be applied to effectively detect and block DGA-generated domains.
APA, Harvard, Vancouver, ISO, and other styles
2

Zhai, You, Liqun Yang, Jian Yang, Longtao He, and Zhoujun Li. "BadDGA: Backdoor Attack on LSTM-Based Domain Generation Algorithm Detector." Electronics 12, no. 3 (2023): 736. http://dx.doi.org/10.3390/electronics12030736.

Full text
Abstract:
Due to the outstanding performance of deep neural networks (DNNs), many researchers have begun to transfer deep learning techniques to their fields. To detect algorithmically generated domains (AGDs) generated by domain generation algorithm (DGA) in botnets, a long short-term memory (LSTM)-based DGA detector has achieved excellent performance. However, the previous DNNs have found various inherent vulnerabilities, so cyberattackers can use these drawbacks to deceive DNNs, misleading DNNs into making wrong decisions. Backdoor attack as one of the popular attack strategies strike against DNNs has attracted widespread attention in recent years. In this paper, to cheat the LSTM-based DGA detector, we propose BadDGA, a backdoor attack against the LSTM-based DGA detector. Specifically, we offer four backdoor attack trigger construction methods: TLD-triggers, Ngram-triggers, Word-triggers, and IDN-triggers. Finally, we evaluate BadDGA on ten popular DGA datasets. The experimental results show that under the premise of 1‰ poisoning rate, our proposed backdoor attack can achieve a 100% attack success rate to verify the effectiveness of our method. Meanwhile, the model’s utility on clean data is influenced slightly.
APA, Harvard, Vancouver, ISO, and other styles
3

P, Karunakaran. "Deep Learning Approach to DGA Classification for Effective Cyber Security." December 2020 2, no. 4 (2021): 203–13. http://dx.doi.org/10.36548/jucct.2020.4.003.

Full text
Abstract:
In recent years, invaders are increasing rapidly in an internet world. Generally, in order to detect the anonymous attackers algorithm needs more number of features. Many algorithms fail in the efficiency of detection malicious code. Immediately this codes will not infect the system; it will attack server after communicate later. Our research focuses on analyzing the traffic of botnets for the domain name determination to the IP address of the server. This botnet creates the domain name differently. Many domains are generated by attackers and create the huge Domain Name System (DNS) traffic. In this research paper, uses both public and real time environments datasets to detect the text features as well as knowledge based feature extraction. The classifying of Domain Generation Algorithm (DGA) generated malicious domains randomly making the efficiency down in many algorithms which were used preprocessing without proper feature extraction. Effectively, our proposed algorithm is used to detect DGA which generates malicious domains randomly. This effective detection of our proposed algorithm performs with text based label prediction and additional features for extraction to improve the efficiency of the model. Our proposed model achieved 94.9% accuracy for DGA classification with help of additional feature extraction and knowledge based extraction in the deep learning architecture.
APA, Harvard, Vancouver, ISO, and other styles
4

Sun, Xinjie, and Zhifang Liu. "Domain generation algorithms detection with feature extraction and Domain Center construction." PLOS ONE 18, no. 1 (2023): e0279866. http://dx.doi.org/10.1371/journal.pone.0279866.

Full text
Abstract:
Network attacks using Command and Control (C&C) servers have increased significantly. To hide their C&C servers, attackers often use Domain Generation Algorithms (DGA), which automatically generate domain names for C&C servers. Researchers have constructed many unique feature sets and detected DGA domains through machine learning or deep learning models. However, due to the limited features contained in the domain name, the DGA detection results are limited. In order to overcome this problem, the domain name features, the Whois features and the N-gram features are extracted for DGA detection. To obtain the N-gram features, the domain name whitelist and blacklist substring feature sets are constructed. In addition, a deep learning model based on BiLSTM, Attention and CNN is constructed. Additionally, the Domain Center is constructed for fast classification of domain names. Multiple comparative experiment results prove that the proposed model not only gets the best Accuracy, Precision, Recall and F1, but also greatly reduces the detection time.
APA, Harvard, Vancouver, ISO, and other styles
5

Zou, Futai, Linsen Li, Yue Wu, Jianhua Li, Siyu Zhang, and Kaida Jiang. "Detecting Domain-Flux Malware Using DNS Failure Traffic." International Journal of Software Engineering and Knowledge Engineering 28, no. 02 (2018): 151–73. http://dx.doi.org/10.1142/s0218194018400016.

Full text
Abstract:
Domain-Flux malware is hard to detect because of the variable C&C (Command and Control) domains which were randomly generated by the technique of domain generation algorithm (DGA). In this paper, we propose a Domain-Flux malware detection approach based on DNS failure traffic. The approach fully leverages the behavior of DNS failure traffic to recognize nine features, and then mines the DGA-generated domains by a clustering algorithm and determinable rules. Theoretical analysis and experimental results verify its efficiency with both test dataset and real-world dataset. On the test dataset, our approach can achieve a true positive rate of 99.82% at false positive rate of 0.39%. On the real-world dataset, the approach can also achieve a relatively high precision of 98.3% and find out 197,026 DGA domains by analyzing DNS traffic in campus network for seven days. We found 1213 hosts of Domain-Flux malware existing on campus network, including the known Conficker, Fosniw and several new Domain-Flux malwares that have never been reported before. We classified 197,026 DGA domains and gave the representative generated patterns for a better understanding of the Domain-Flux mechanism.
APA, Harvard, Vancouver, ISO, and other styles
6

Yang, Cheng, Tianliang Lu, Shangyi Yan, Jianling Zhang, and Xingzhan Yu. "N-Trans: Parallel Detection Algorithm for DGA Domain Names." Future Internet 14, no. 7 (2022): 209. http://dx.doi.org/10.3390/fi14070209.

Full text
Abstract:
Domain name generation algorithms are widely used in malware, such as botnet binaries, to generate large sequences of domain names of which some are registered by cybercriminals. Accurate detection of malicious domains can effectively defend against cyber attacks. The detection of such malicious domain names by the use of traditional machine learning algorithms has been explored by many researchers, but still is not perfect. To further improve on this, we propose a novel parallel detection model named N-Trans that is based on the N-gram algorithm with the Transformer model. First, we add flag bits to the first and last positions of the domain name for the parallel combination of the N-gram algorithm and Transformer framework to detect a domain name. The model can effectively extract the letter combination features and capture the position features of letters in the domain name. It can capture features such as the first and last letters in the domain name and the position relationship between letters. In addition, it can accurately distinguish between legitimate and malicious domain names. In the experiment, the dataset is the legal domain name of Alexa and the malicious domain name collected by the 360 Security Lab. The experimental results show that the parallel detection model based on N-gram and Transformer achieves 96.97% accuracy for DGA malicious domain name detection. It can effectively and accurately identify malicious domain names and outperforms the mainstream malicious domain name detection algorithms.
APA, Harvard, Vancouver, ISO, and other styles
7

Qiao, Yanchen, Bin Zhang, Weizhe Zhang, Arun Kumar Sangaiah, and Hualong Wu. "DGA Domain Name Classification Method Based on Long Short-Term Memory with Attention Mechanism." Applied Sciences 9, no. 20 (2019): 4205. http://dx.doi.org/10.3390/app9204205.

Full text
Abstract:
Currently, many cyberattacks use the Domain Generation Algorithm (DGA) to generate random domain names, so as to maintain communication with the Communication and Control (C&C) server. Discovering DGA domain names in advance could help to detect attacks and response in time. However, in recent years, the General Data Protection Regulation (GDPR) has been promulgated and implemented, and the method of DGA classification based on the context information, such as the WHOIS (the information about the registered users or assignees of the domain name) , is no longer applicable. At the same time, acquiring the DGA algorithm by reversing malware samples encounters the problem of no malware samples for various reasons, such as fileless malware. We propose a DGA domain name classification method based on Long Short-Term Memory (LSTM) with attention mechanism. This method is oriented to the character sequence of the domain name, and it uses the LSTM combined with attention mechanism to construct the DGA domain name classifier to achieve the rapid classification of domain names. The experimental results show that the method has a good classification result.
APA, Harvard, Vancouver, ISO, and other styles
8

Namgung, Juhong, Siwoon Son, and Yang-Sae Moon. "Efficient Deep Learning Models for DGA Domain Detection." Security and Communication Networks 2021 (January 18, 2021): 1–15. http://dx.doi.org/10.1155/2021/8887881.

Full text
Abstract:
In recent years, cyberattacks using command and control (C&C) servers have significantly increased. To hide their C&C servers, attackers often use a domain generation algorithm (DGA), which automatically generates domain names for the C&C servers. Accordingly, extensive research on DGA domain detection has been conducted. However, existing methods cannot accurately detect continuously generated DGA domains and can easily be evaded by an attacker. Recently, long short-term memory- (LSTM-) based deep learning models have been introduced to detect DGA domains in real time using only domain names without feature extraction or additional information. In this paper, we propose an efficient DGA domain detection method based on bidirectional LSTM (BiLSTM), which learns bidirectional information as opposed to unidirectional information learned by LSTM. We further maximize the detection performance with a convolutional neural network (CNN) + BiLSTM ensemble model using Attention mechanism, which allows the model to learn both local and global information in a domain sequence. Experimental results show that existing CNN and LSTM models achieved F1-scores of 0.9384 and 0.9597, respectively, while the proposed BiLSTM and ensemble models achieved higher F1-scores of 0.9618 and 0.9666, respectively. In addition, the ensemble model achieved the best performance for most DGA domain classes, enabling more accurate DGA domain detection than existing models.
APA, Harvard, Vancouver, ISO, and other styles
9

Selvaraj, Sarojini, and Rukmani Panjanathan. "WordDGA: Hybrid Knowledge-Based Word-Level Domain Names Against DGA Classifiers and Adversarial DGAs." Informatics 11, no. 4 (2024): 92. http://dx.doi.org/10.3390/informatics11040092.

Full text
Abstract:
A Domain Generation Algorithm (DGA) employs botnets to generate domain names through a communication link between the C&C server and the bots. A DGA can generate pseudo-random AGDs (algorithmically generated domains) regularly, a handy method for detecting bots on the C&C server. Unlike current DGA detection methods, AGDs can be identified with lightweight, promising technology. DGAs can prolong the life of a viral operation, improving its profitability. Recent research on the sensitivity of deep learning to various adversarial DGAs has sought to enhance DGA detection techniques. They have character- and word-level classifiers; hybrid-level classifiers may detect and classify AGDs generated by DGAs, significantly diminishing the effectiveness of DGA classifiers. This work introduces WordDGA, a hybrid RCNN-BiLSTM-based adversarial DGA with strong anti-detection capabilities based on NLP and cWGAN, which offers word- and hybrid-level evasion techniques. It initially models the semantic relationships between benign and DGA domains by constructing a prediction model with a hybrid RCNN-BiLSTM network. To optimize the similarity between benign and DGA domain names, it modifies phrases from each input domain using the prediction model to detect DGA family categorizations. The experimental results reveal that dodging numerous wordlists and mixed-level DGA classifiers with training and testing sets improves word repetition rate, domain collision rate, attack success rate, and detection rate, indicating the usefulness of cWGAN-based oversampling in the face of adversarial DGAs.
APA, Harvard, Vancouver, ISO, and other styles
10

Anoop, Reddy Thatipalli, Aravamudu Preetham, Kartheek K., and Dennisan Aju. "Exploring and comparing various machine and deep learning technique algorithms to detect domain generation algorithms of malicious variants." Computer Science and Information Technologies 3, no. 2 (2022): 94–103. https://doi.org/10.11591/csit.v3i2.pp94-103.

Full text
Abstract:
Domain generation algorithm (DGA) is used as the main source of script in different groups of malwares, which generates the domain names of points and will further be used for command-and-control servers. The security measures usually identify the malware but the domain name algorithms will be updating themselves in order to avoid the less efficient older security detection methods. The reason being the older detection methods does not use either the machine learning or deep learning algorithms to detect the DGAs. Thus, the impact of incorporating the machine learning and deep learning techniques to detect the DGA is well discussed. As a result, they can create a huge number of domains to avoid debar and henceforth, block the hackers and zombie systems with the older methods itself. The main purpose of this research work is to compare and analyse by implementing various machine learning algorithms that suits the respective dataset yielding better results. In this research paper, the obtained dataset is pre-processed and the respective data is processed by different machine learning algorithms such as random forest (RF), support vector machine (SVM), Naive Bayes classifier, H20 AutoML, convolutional neural network (CNN), long shortterm memory neural network (LSTM) for the classification. It is observed and understood that the LSTM provides a better classification efficiency of 98% and the H20 AutoML method giving the least efficiency of 75%.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Domain Generation Algorithm (DGA)"

1

Brandt, Carl-Simon, Jonathan Kleivard, and Andreas Turesson. "Convolutional, adversarial and random forest-based DGA detection : Comparative study for DGA detection with different machine learning algorithms." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-20103.

Full text
Abstract:
Malware is becoming more intelligent as static methods for blocking communication with Command and Control (C&C) server are becoming obsolete. Domain Generation Algorithms (DGAs) are a common evasion technique that generates pseudo-random domain names to communicate with C&C servers in a difficult way to detect using handcrafted methods. Trying to detect DGAs by looking at the domain name is a broad and efficient approach to detect malware-infected hosts. This gives us the possibility of detecting a wider assortment of malware compared to other techniques, even without knowledge of the malware’s existence. Our study compared the effectiveness of three different machine learning classifiers: Convolutional Neural Network (CNN), Generative Adversarial Network (GAN) and Random Forest (RF) when recognizing patterns and identifying these pseudo-random domains. The result indicates that CNN differed significantly from GAN and RF. It achieved 97.46% accuracy in the final evaluation, while RF achieved 93.89% and GAN achieved 60.39%. In the future, network traffic (efficiency) could be a key component to examine, as productivity may be harmed if the networkis over burdened by domain identification using machine learning algorithms.
APA, Harvard, Vancouver, ISO, and other styles
2

Spa, Carvajal Carlos. "Time-domain numerical methods in room acoustics simulations." Doctoral thesis, Universitat Pompeu Fabra, 2009. http://hdl.handle.net/10803/7565.

Full text
Abstract:
L'acústica de sales s'encarrega de l'estudi del comportament de les ones sonores en espais tancats.La informació acústica de qualsevol entorn, coneguda com la resposta impulsional, pot ser expressada en termes del camp acústic com una funció de l'espai i el temps. En general, és impossible obtenir solucions analítiques de funcions resposta en habitacions reals. Per tant, en aquests últims anys, l'ús d'ordinadors per resoldre aquest tipus de problemes ha emergit com una solució adecuada per calcular respostes impulsionals.<br/>En aquesta Tesi hem centrat el nostre anàlisis en els mètodes basats en el comportament ondulatori dins del domini temporal. Més concretament, estudiem en detall les formulacions més importants del mètode de Diferències Finites, el qual s'utilitza en moltes aplicacions d'acústica de sales, i el recentment proposat mètode PseudoEspectral de Fourier. Ambdós mètodes es basen en la formulació discreta de les equacions analítiques que descriuen els fenòmens acústics en espais tancats.<br/>Aquesta obra contribueix en els aspectes més importants en el càlcul numèric de respostes impulsionals: la propagació del so, la generació de fonts i les condicions de contorn de reactància local.<br>Room acoustics is the science concerned to study the behavior of sound waves in enclosed rooms. The acoustic information of any room, the so called impulse response, is expressed in terms of the acoustic field as a function of space and time. In general terms, it is nearly impossible to find analytical impulse responses of real rooms. Therefore, in the recent years, the use of computers for solving this type of problems has emerged as a proper alternative to calculate the impulse responses. <br/>In this Thesis we focus on the analysis of the wavebased methods in the timedomain. More concretely, we study in detail the main formulations of FiniteDifference methods, which have been used in many room acoustics applications, and the recently proposed Fourier PseudoSpectral methods. Both methods are based on the discrete formulations of the analytical equations that describe the sound phenomena in enclosed rooms. <br/>This work contributes to the main aspects in the computation of impulse responses: the wave propagation, the source generation and the locallyreacting boundary conditions.
APA, Harvard, Vancouver, ISO, and other styles
3

Guerid, Hachem. "Systèmes coopératifs décentralisés de détection et de contre-mesures des incidents et attaques sur les réseaux IP." Thesis, Paris, ENST, 2014. http://www.theses.fr/2014ENST0079/document.

Full text
Abstract:
La problématique des botnets, réseaux de machines infectées par des logiciels malveillants permettant de les contrôler à distance, constitue une préoccupation majeure du fait du nombre de machines infectées et des menaces associées: attaque par déni de service distribué (DDoS), spam, vol de données bancaires. Les solutions de lutte contre les botnets proposées présentent des limitations majeures dans le contexte d'un opérateur réseau (contraintes de volumétrie et de passage à l'échelle, respect de la confidentialité et de la vie privée des utilisateurs). Cette thèse propose quatre contributions orientées réseau de lutte contre les botnets. Chaque contribution traite d'une étape complémentaire dans la problématique des botnets: la première contribution permet de remonter à la source d'attaques par déni de service, et ainsi d'identifier un groupe de machines infectées à l'origine de ces attaques. La deuxième contribution concerne la détection des communications entre les machines infectées et leurs serveurs de contrôle et commande dans un réseau à large échelle, et offre ainsi l'opportunité de bloquer ces serveurs pour limiter le risque de nouvelles attaques. La troisième contribution permet une détection collaborative de botnets dans un contexte inter-domaine et inter-opérateur, permettant ainsi de lutter contre l'aspect hautement distribué de ces botnets. Enfin, la dernière contribution proposée permet de remédier aux botnets en ralentissant les communications entre les machines infectées et leur serveur de contrôle, offrant par ce biais une contre-mesure aux stratégies d'évasions développées par les cybercriminels afin de rendre leurs botnets plus résilients<br>The problem of botnets, networks of infected hosts controlled remotely by attackers, is a major concern because of the number of infected hosts and associated threats, like distributed denial of service (DDoS), spams, and data theft. State of the art solutions to fight against botnets have major limitations in a context of a network operator (scalability of the solution, confidentiality and privacy of users). In this thesis, we propose four network-based contributions to fight against botnets. Each solution address a different and complementary issue in this area: the first contribution tracebacks the source of denial of service attacks which threaten the network availability, allowing by that way to identify infected devices used to perpetrate these attacks. The second contribution detects the communications between infected computers and their command and control server (C&amp;C) in a large scale network and offers the opportunity to block these servers to minimize the risk of future attacks. The third contribution enables collaborative detection of botnets in an inter-domain and inter-operator context in order to fight against the highly distributed aspect of these botnets. Finally, the last contribution mitigates botnets by slowing down the communication between infected hosts and their C&amp;C server, providing a countermeasure against evasion techniques developed by cybercriminals to make their botnets more resilient
APA, Harvard, Vancouver, ISO, and other styles
4

Guerid, Hachem. "Systèmes coopératifs décentralisés de détection et de contre-mesures des incidents et attaques sur les réseaux IP." Electronic Thesis or Diss., Paris, ENST, 2014. http://www.theses.fr/2014ENST0079.

Full text
Abstract:
La problématique des botnets, réseaux de machines infectées par des logiciels malveillants permettant de les contrôler à distance, constitue une préoccupation majeure du fait du nombre de machines infectées et des menaces associées: attaque par déni de service distribué (DDoS), spam, vol de données bancaires. Les solutions de lutte contre les botnets proposées présentent des limitations majeures dans le contexte d'un opérateur réseau (contraintes de volumétrie et de passage à l'échelle, respect de la confidentialité et de la vie privée des utilisateurs). Cette thèse propose quatre contributions orientées réseau de lutte contre les botnets. Chaque contribution traite d'une étape complémentaire dans la problématique des botnets: la première contribution permet de remonter à la source d'attaques par déni de service, et ainsi d'identifier un groupe de machines infectées à l'origine de ces attaques. La deuxième contribution concerne la détection des communications entre les machines infectées et leurs serveurs de contrôle et commande dans un réseau à large échelle, et offre ainsi l'opportunité de bloquer ces serveurs pour limiter le risque de nouvelles attaques. La troisième contribution permet une détection collaborative de botnets dans un contexte inter-domaine et inter-opérateur, permettant ainsi de lutter contre l'aspect hautement distribué de ces botnets. Enfin, la dernière contribution proposée permet de remédier aux botnets en ralentissant les communications entre les machines infectées et leur serveur de contrôle, offrant par ce biais une contre-mesure aux stratégies d'évasions développées par les cybercriminels afin de rendre leurs botnets plus résilients<br>The problem of botnets, networks of infected hosts controlled remotely by attackers, is a major concern because of the number of infected hosts and associated threats, like distributed denial of service (DDoS), spams, and data theft. State of the art solutions to fight against botnets have major limitations in a context of a network operator (scalability of the solution, confidentiality and privacy of users). In this thesis, we propose four network-based contributions to fight against botnets. Each solution address a different and complementary issue in this area: the first contribution tracebacks the source of denial of service attacks which threaten the network availability, allowing by that way to identify infected devices used to perpetrate these attacks. The second contribution detects the communications between infected computers and their command and control server (C&amp;C) in a large scale network and offers the opportunity to block these servers to minimize the risk of future attacks. The third contribution enables collaborative detection of botnets in an inter-domain and inter-operator context in order to fight against the highly distributed aspect of these botnets. Finally, the last contribution mitigates botnets by slowing down the communication between infected hosts and their C&amp;C server, providing a countermeasure against evasion techniques developed by cybercriminals to make their botnets more resilient
APA, Harvard, Vancouver, ISO, and other styles
5

Ahluwalia, Aashna. "Impact study of length in detecting algorithmically generated domains." Thesis, 2018. https://dspace.library.uvic.ca//handle/1828/9299.

Full text
Abstract:
Domain generation algorithm (DGA) is a popular technique for evading detection used by many sophisticated malware families. Since the DGA domains are randomly generated, they tend to exhibit properties that are different from legitimate domain names. It is observed that shorter DGA domains used in emerging malware are more difficult to detect, in contrast to regular DGA domains that are unusually long. While length was considered as a contributing feature in earlier approaches, there has not been a systematic focus on how to leverage its impact on DGA domains detection accuracy. Through our study, we present a new detection model based on semantic and information theory features. The research applies concept of domain length threshold to detect DGA domains regardless of their lengths. The experimental evaluation of the proposed approach, using public datasets, yield a detection rate (DR) of 98.96% and a false positive rate (FPR) of 2.1%, when using random forests classification technique<br>Graduate
APA, Harvard, Vancouver, ISO, and other styles
6

Lee, Chia-Ruei, and 李家睿. "Using Generative Adversarial Networks for Domain Generation Algorithm." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/v7ssr7.

Full text
Abstract:
碩士<br>元智大學<br>資訊工程學系<br>106<br>Deep Learning has been widely used in the fields of image classification, video inpainting, dimensionality reduction, etc. Among different structures of deep learning networks, generative adversarial network (GAN) is the promising one to revolutionize the generative models. In particular, GAN, a hybrid structure consisting of a discriminator and generator, can be used to learn the inherent distribution of the input data. After that, the synthetic data sampled from the learned distribution exhibit similar statistics to the input data. In this thesis, we study the use of GAN as Domain Generation Algorithm (DGA) in botnet. By putting ourselves in the botmaster’s shoes, we consider the major challenges in designing a stealthy and robust botnet, such that the developed botnets over the GAN-based DGA could overcome the common weaknesses. More specifically, DGA is widely used in botnets to achieve stealthy communications between botmaster and bots. However, machine learning (ML)-based approaches have been developed to capture the difference between DGA-generated communication pattern and normal traffic pattern, so as to identify botnet communications. Thus, we study how to mimic the normal traffic pattern by taking advantage of GAN-based DGA. We used four GANs, including WGAN-GP, SeqGAN, RNN.WGAN and RNN.WGAN via Fisher GAN to conduct experiments. We found that under the DGA detection engine, Cymon, more than 20%–65% of DGA-generated traffic from our developed GAN-based DGA can escape the detection of Cymon, compared with the DGA-generated traffic from Cryptolocker and Ramnit.
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Domain Generation Algorithm (DGA)"

1

Chin, Tommy, Kaiqi Xiong, Chengbin Hu, and Yi Li. "A Machine Learning Framework for Studying Domain Generation Algorithm (DGA)-Based Malware." In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-030-01701-9_24.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Wang, Fei, Qian Li, and Chunhai Fan. "The Evolution of DNA-Based Molecular Computing." In Natural Computing Series. Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-19-9891-1_3.

Full text
Abstract:
AbstractThe first demonstration of DNA computing was realized by Adleman in 1994, aiming to solve hard combinational problems with DNA molecules. This pioneering work initiated the evolution of the field of DNA computing during the last three decades. Up to date, the implemented functions of DNA computing have been expanded to logic operations, neural network computations, time-domain oscillator circuits, distributed computing, etc. Herein, the history of DNA computing is briefly reviewed, followed by discussions on opportunities and challenges of DNA-based molecular computing, especially from the perspective of algorithm design. Future directions and design strategies for next-generation DNA computing is also discussed.
APA, Harvard, Vancouver, ISO, and other styles
3

Baruch, Moran, and Gil David. "Domain Generation Algorithm Detection Using Machine Learning Methods." In Cyber Security: Power and Technology. Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-319-75307-2_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Joan-Arinyo, Robert, Lluís Pérez-Vidal, and Josep Vilaplana-Pastó. "A Simple Algorithm for 2D-Mesh Generation by Domain Composition." In CAD Tools and Algorithms for Product Design. Springer Berlin Heidelberg, 2000. http://dx.doi.org/10.1007/978-3-662-04123-9_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Li, Kangshun, and Tian Feng. "A Domain Adaptive Segmentation Label Generation Algorithm for Autonomous Driving Scenarios." In Intelligence Computation and Applications. Springer Nature Singapore, 2024. http://dx.doi.org/10.1007/978-981-97-4396-4_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Gould, Nathaniel, Taishi Nishiyama, and Kazunori Kamiya. "Domain Generation Algorithm Detection Utilizing Model Hardening Through GAN-Generated Adversarial Examples." In Deployable Machine Learning for Security Defense. Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-59621-7_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Cheng, Hua, Jing Cai, and Yiquan Fang. "RL-Gen: A Character-Level Text Generation Framework with Reinforcement Learning in Domain Generation Algorithm Case." In Communications in Computer and Information Science. Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-36802-9_73.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Bouajjani, Ahmed, Wael-Amine Boutglay, and Peter Habermehl. "Data-driven Numerical Invariant Synthesis with Automatic Generation of Attributes." In Computer Aided Verification. Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-13185-1_14.

Full text
Abstract:
AbstractWe propose a data-driven algorithm for numerical invariant synthesis and verification. The algorithm is based on the ICE-DT schema for learning decision trees from samples of positive and negative states and implications corresponding to program transitions. The main issue we address is the discovery of relevant attributes to be used in the learning process of numerical invariants. We define a method for solving this problem guided by the data sample. It is based on the construction of a separator that covers positive states and excludes negative ones, consistent with the implications. The separator is constructed using an abstract domain representation of convex sets. The generalization mechanism of the decision tree learning from the constraints of the separator allows the inference of general invariants, accurate enough for proving the targeted property. We implemented our algorithm and showed its efficiency.
APA, Harvard, Vancouver, ISO, and other styles
9

Zhang, Qiong, and Xu Chen. "Applying BBLT Incorporating Specific Domain Topic Summary Generation Algorithm to the Classification of Chinese Legal Cases." In Advances in Internet, Data & Web Technologies. Springer International Publishing, 2023. http://dx.doi.org/10.1007/978-3-031-26281-4_47.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Li, Yixuan, Julian Parsert, and Elizabeth Polgreen. "Guiding Enumerative Program Synthesis with Large Language Models." In Computer Aided Verification. Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-65630-9_15.

Full text
Abstract:
AbstractPre-trained Large Language Models (LLMs) are beginning to dominate the discourse around automatic code generation with natural language specifications. In contrast, the best-performing synthesizers in the domain of formal synthesis with precise logical specifications are still based on enumerative algorithms. In this paper, we evaluate the abilities of LLMs to solve formal synthesis benchmarks by carefully crafting a library of prompts for the domain. When one-shot synthesis fails, we propose a novel enumerative synthesis algorithm, which integrates calls to an LLM into a weighted probabilistic search. This allows the synthesizer to provide the LLM with information about the progress of the enumerator, and the LLM to provide the enumerator with syntactic guidance in an iterative loop. We evaluate our techniques on benchmarks from the Syntax-Guided Synthesis (SyGuS) competition. We find that GPT-3.5 as a stand-alone tool for formal synthesis is easily outperformed by state-of-the-art formal synthesis algorithms, but our approach integrating the LLM into an enumerative synthesis algorithm shows significant performance gains over both the LLM and the enumerative synthesizer alone and the winning SyGuS competition tool.
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Domain Generation Algorithm (DGA)"

1

Drichel, Arthur, and Ulrike Meyer. "A Comprehensive Study on Multi-Task Learning for Domain Generation Algorithm (DGA) Detection." In 2024 21st Annual International Conference on Privacy, Security and Trust (PST). IEEE, 2024. https://doi.org/10.1109/pst62714.2024.10788074.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Cai, Lianlian, Ziyao Xu, Wanrong Zhao, Jiayue Ma, Ziyi Gao, and Xupeng Huang. "Heart Rate Generation Algorithm Using Generative Adversarial Networks Based on Time-Frequency Domain Composite Loss Values." In 2024 WRC Symposium on Advanced Robotics and Automation (WRC SARA). IEEE, 2024. http://dx.doi.org/10.1109/wrcsara64167.2024.10685757.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Caprio, Ulderico Di, and M. Enis Leblebici. "Hybrid Models Identification and Training through Evolutionary Algorithms." In The 35th European Symposium on Computer Aided Process Engineering. PSE Press, 2025. https://doi.org/10.69997/sct.192790.

Full text
Abstract:
Hybrid modelling is widely employed in chemical engineering to generate highly accurate predictions. Such an approach merges first-principle modelling with machine learning techniques to identify and model the epistemic uncertainty from experimental data. Despite its advantages, this still requires cross-domain competencies that are difficult to find in the chemical industry and high human involvement. The possibility of automating the identification and training model would be significantly beneficial for the widespread adoption of hybrid modelling methodology within the chemical industry. This work presents a novel algorithm for the automatic identification of hybrid models (HMs) starting from the first-principle representation of the system, described by differential equation sets. The methodology formulates the problem as mixed-integer programming, identifying the equation running under uncertainty, identifying the machine learning model hyperparameters, and training the latter. The Differential Evolution algorithm drives the identification and training tasks. The methodology is validated in three cases, namely a dynamic reaction system, a dynamic bioreactor and a Lotka-Volterra oscillator deviated with polynomial or MRF equation on different levels, generating 14 validation cases. On all of them, the model correctly identifies the position of the uncertainty and the functional form to approximate it. The methodology returns automatically trained HMs with a mean absolute percentage error in the range of 10%, which is in line with the experimental error of the data. The methodology presented in this work presents a step toward the automatic generation of HMs for dynamic systems and the widespread of this technology in the chemical industry.
APA, Harvard, Vancouver, ISO, and other styles
4

Pascioni, Kyle, Colin Stutz, Mary Houston, and James Stephenson. "Phased Array Measurements of a Full-Scale Helicopter." In Vertical Flight Society 81st Annual Forum and Technology Display. The Vertical Flight Society, 2025. https://doi.org/10.4050/f-0081-2025-102.

Full text
Abstract:
Single microphone measurements lack the ability to separate nondeterministic noise sources on multipropulsor vehicles, limiting their usefulness to understand the dominant noise generation mechanisms. To advance the state-of-the-art for measuring multipropulsor aircraft in support of future Urban Air Mobility (UAM) and Future Vertical Lift (FVL) testing, a 117-channel phased array was deployed during an Army/NASA acoustic flight test of an MD530F helicopter. A time-domain beamforming algorithm, namely, the ROtating Source Identifier (ROSI), was utilized to track the aircraft's forward motion and main rotor rotation. This process isolates nondeterministic sources of the main rotor, effectively filtering out contributions of the tail rotor and other nonrotating components. Source maps are provided for low-speed forward flight and illustrate aeroacoustic sources near the main rotor blade tips over a broad frequency range. Particular emphasis is given on the benefits of flying at a lower altitude relative to the array to enhance source separation through increased spatial resolution. A coherence-based microphone weighting scheme was utilized to support component-based integrated spectral assessments. Total integrated levels over the rotating scan grid are provided, representing the contribution of the main rotor to the total aircraft levels. Although additional analysis is needed to gain confidence in the beamforming methods applied, results herein minimally indicate this to be a valuable technique for qualitative source ranking.
APA, Harvard, Vancouver, ISO, and other styles
5

Cao, Heng, Chundong Wang, Long Huang, Xiaochun Cheng, and Haoran Fu. "Adversarial DGA Domain Examples Generation and Detection." In CCRIS 2020: 2020 International Conference on Control, Robotics and Intelligent System. ACM, 2020. http://dx.doi.org/10.1145/3437802.3437836.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Rayhan, Md Maruf, and Md Ahsan Ayub. "An Experimental Analysis of Classification Techniques for Domain Generating Algorithms (DGA) based Malicious Domains Detection." In 2020 23rd International Conference on Computer and Information Technology (ICCIT). IEEE, 2020. http://dx.doi.org/10.1109/iccit51783.2020.9392701.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Borello, D., and F. Rispoli. "Improved Non-Equilibrium Turbulence Closure Modeling for Axial Flow Compressors Simulation." In ASME Turbo Expo 2003, collocated with the 2003 International Joint Power Generation Conference. ASMEDC, 2003. http://dx.doi.org/10.1115/gt2003-38672.

Full text
Abstract:
The present paper investigates the predictive attitude of three non conventional turbulence closures in simulating the physics pertinent to decelerating turbomachinery flows. The performance of a cubic k-ε model and an algebraic Reynolds stress model adopting a non-linear link between turbulence and velocity gradients have been exploited with reference to their capabilities in predicting anisotropy effects and the sensibility to streamlines curvature. In addition, a modification of the kinetic energy production term in standard isotropic model has been also tested, in accord with Kato and Launder formulation. To put in evidence the predictive capabilities of such models a comparison with the standard Launder and Sharma turbulence closure will be carried out. The authors adopt a multi-level parallel solver developed in the framework of a finite element (FE) method based on a stabilized Petrov-Galerkin formulation. The FE method is here applied on mixed Q2-Q1 element shape functions. The solution scheme is based on a Multigrid (MG) solver properly developed to operate in a parallel environment. To increase the performance of MG schemes in solving self-adjoint elliptic problems a remedial strategy consisting of a LFMG-type scheme named Hybrid Linear Full Multi-Grid technique (HLFMG) has been proposed. The parallel algorithm follows a Single Program Multiple Domains (SPMD) scheme. The subdomains fields for Reynolds Averaged Navier-Stokes problem are generated by the adoption of an original overlapping domain decomposition technique. In the present paper we analyze a two-dimensional leading edge and both a DCA (2D) and NACA65 (3D) compressor cascades. The flows considered for model benchmarking are highly challenging because of the possibly transitional nature of the flow and the existence of three-dimensional phenomena and of significant separation regions. The potential of non-standard closures has been investigated in terms of both velocity and turbulent variables. In the leading edge test-case, the cubic k-ε model is shown to provide a better base-line for nonequilibrium effects simulation with respect to the algebraic stress model. The Kato and Launder modification has shown poor predictive attitude in representing the flow downstream the impingement and it has not adopted for the other test-cases. In the DCA simulation the presence of large transition regions leads to a degradation of the predictions of the cubic model. Algebraic stress model has shown performances comparable to the cubic model ones. The 3D linear cascade flow simulations put in evidence that the standard and algebraic Reynolds stress approaches have similar performance, clearly worse respect to the cubic model.
APA, Harvard, Vancouver, ISO, and other styles
8

Liu, Qihe, Gao Yu, Yuanyuan Wang, and Zeng Yi. "A Novel DGA Domain Adversarial Sample Generation Method By Geometric Perturbation." In AISS 2021: 2021 3rd International Conference on Advanced Information Science and System. ACM, 2021. http://dx.doi.org/10.1145/3503047.3503080.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Upadhyay, Shubhangi, and Ali Ghorbani. "Feature Extraction Approach to Unearth Domain Generating Algorithms (DGAs)." In 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). IEEE, 2020. http://dx.doi.org/10.1109/dasc-picom-cbdcom-cyberscitech49142.2020.00077.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Qi, Guorong, and Jian Mao. "An Improved CNN-LSTM Algorithm for Detection of DGA Domain Name." In EITCE 2023: 2023 7th International Conference on Electronic Information Technology and Computer Engineering. ACM, 2023. http://dx.doi.org/10.1145/3650400.3650618.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Domain Generation Algorithm (DGA)"

1

Yan, Yujie, and Jerome F. Hajjar. Automated Damage Assessment and Structural Modeling of Bridges with Visual Sensing Technology. Northeastern University, 2021. http://dx.doi.org/10.17760/d20410114.

Full text
Abstract:
Recent advances in visual sensing technology have gained much attention in the field of bridge inspection and management. Coupled with advanced robotic systems, state-of-the-art visual sensors can be used to obtain accurate documentation of bridges without the need for any special equipment or traffic closure. The captured visual sensor data can be post-processed to gather meaningful information for the bridge structures and hence to support bridge inspection and management. However, state-of-the-practice data postprocessing approaches require substantial manual operations, which can be time-consuming and expensive. The main objective of this study is to develop methods and algorithms to automate the post-processing of the visual sensor data towards the extraction of three main categories of information: 1) object information such as object identity, shapes, and spatial relationships - a novel heuristic-based method is proposed to automate the detection and recognition of main structural elements of steel girder bridges in both terrestrial and unmanned aerial vehicle (UAV)-based laser scanning data. Domain knowledge on the geometric and topological constraints of the structural elements is modeled and utilized as heuristics to guide the search as well as to reject erroneous detection results. 2) structural damage information, such as damage locations and quantities - to support the assessment of damage associated with small deformations, an advanced crack assessment method is proposed to enable automated detection and quantification of concrete cracks in critical structural elements based on UAV-based visual sensor data. In terms of damage associated with large deformations, based on the surface normal-based method proposed in Guldur et al. (2014), a new algorithm is developed to enhance the robustness of damage assessment for structural elements with curved surfaces. 3) three-dimensional volumetric models - the object information extracted from the laser scanning data is exploited to create a complete geometric representation for each structural element. In addition, mesh generation algorithms are developed to automatically convert the geometric representations into conformal all-hexahedron finite element meshes, which can be finally assembled to create a finite element model of the entire bridge. To validate the effectiveness of the developed methods and algorithms, several field data collections have been conducted to collect both the visual sensor data and the physical measurements from experimental specimens and in-service bridges. The data were collected using both terrestrial laser scanners combined with images, and laser scanners and cameras mounted to unmanned aerial vehicles.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Domain Generation Algorithm (DGA)' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography