1. Malicious Domain Names Detection by Improved Relief-C5.0.
- Author
-
MA Donglin, ZHANG Shuhuan, and ZHAO Hong
- Subjects
CLASSIFICATION algorithms ,INTERNET domain naming system ,COMPUTATIONAL complexity ,UNIFORM Resource Locators - Abstract
Aiming at the problems of the high computational complexity, low real-time performance, and low accuracy of classification models in the current malicious domain name detection algorithms, a malicious domain name detection algorithm by Rf-C5 (Relief-C5.0) is proposed. Firstly, the global URL features of the domain names to be tested are extracted. Then, the improved Relief algorithm is used to calculate the weight of the extracted features, and the features are prioritized according to the weight values. Finally, the key features of the top 20 weighted values are selected as the input of C5.0 classifier to classify legitimate domain names and malicious domain names. Experimental results show that under the large sample data set, compared with the current mainstream malicious domain name detection algorithms, the detection accuracy of Rf-C5 model increases by 1.58~4.91 percentage points on the basis of increasing the average detection rate. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF