论文信息 - Acquire, adapt, and anticipate: continuous learning to block malicious domains

Acquire, adapt, and anticipate: continuous learning to block malicious domains

We present an automated learning system that continuously gathers domain data from open repositories, develops a deep learning model, uses the model to make detections, publishes unreported malicious domains, leverages threat intelligence to label the detected domains, and periodically updates the detection models. The results presented in this paper show that the system not only extends the detection coverage of threat intelligence feeds, but also that it reduces the delay in detection. We also leverage deep learning models to generate new, unregistered domains that are likely to be used by attackers in the future.

[1] Hyrum S. Anderson,et al. Predicting Domain Generation Algorithms with Long Short-Term Memory Networks , 2016, ArXiv.

[2] Qing Li,et al. Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges , 2015 .

[3] Prabaharan Poornachandran,et al. A lexical approach for classifying malicious URLs , 2015, 2015 International Conference on High Performance Computing & Simulation (HPCS).

[4] Max Welling,et al. Auto-Encoding Variational Bayes , 2013, ICLR.

[5] Konstantin Berlin,et al. eXpose: A Character-Level Convolutional Neural Network with Embeddings For Detecting Malicious URLs, File Paths and Registry Keys , 2017, ArXiv.

[6] Ali A. Ghorbani,et al. Detecting Malicious URLs Using Lexical Analysis , 2016, NSS.

[7] Parvez Ahammad,et al. SoK: Applying Machine Learning in Security - A Survey , 2016, ArXiv.

[8] Karel Bartos,et al. Learning Detector of Malicious Network Traffic from Weak Labels , 2015, ECML/PKDD.

[9] Jens Myrup Pedersen,et al. On the use of machine learning for identifying botnet network traffic , 2016, J. Cyber Secur. Mobil..

[10] Hyrum S. Anderson,et al. DeepDGA: Adversarially-Tuned Domain Generation and Detection , 2016, AISec@CCS.

[11] Xiang Zhang,et al. Character-level Convolutional Networks for Text Classification , 2015, NIPS.