Detection method for malicious domain name in domain name system and detection device

A detection method for a malicious domain name in a domain name system (DNS) and a detection device are provided. The method includes: obtaining network connection data of an electronic device; capturing log data related to at least one domain name from the network connection data; analyzing the log...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Tseng, Yi-Chung, Sun, Ming-Kung, Huang, Chiung-Ying, Tsai, Tung-Lin
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A detection method for a malicious domain name in a domain name system (DNS) and a detection device are provided. The method includes: obtaining network connection data of an electronic device; capturing log data related to at least one domain name from the network connection data; analyzing the log data to generate at least one numerical feature related to the at least one domain name; inputting the at least one numerical feature into a multi-type prediction model, which includes a first data model and a second data model; and predicting whether a malicious domain name related to a malware or a phishing website exists in the at least one domain name by the multi-type prediction model according to the at least one numerical feature.