Detection method for malicious domain name in domain name system and detection device
A detection method for a malicious domain name in a domain name system (DNS) and a detection device are provided. The method includes: obtaining network connection data of an electronic device; capturing log data related to at least one domain name from the network connection data; analyzing the log...
Gespeichert in:
Hauptverfasser: | , , , |
---|---|
Format: | Patent |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | A detection method for a malicious domain name in a domain name system (DNS) and a detection device are provided. The method includes: obtaining network connection data of an electronic device; capturing log data related to at least one domain name from the network connection data; analyzing the log data to generate at least one numerical feature related to the at least one domain name; inputting the at least one numerical feature into a multi-type prediction model, which includes a first data model and a second data model; and predicting whether a malicious domain name related to a malware or a phishing website exists in the at least one domain name by the multi-type prediction model according to the at least one numerical feature. |
---|