CPDGA: foresee future DGA using proactive conformal propagation
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: | Editorial Department of Journal on Communications, 2025-06-01 |
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2025106/ |
| Summary: | Attackers dynamically register domain names through the domain generation algorithm (DGA) to support malware activities. The continuous evolution of malicious domain names leads to the phenomenon of concept drift, rendering the existing detection techniques based on continual learning models less effective over time. To address this threat, CPDGA, a method to foresee future DGA using proactive conformal propagation, was proposed by combining conformal prediction and conformal clustering. Experiments were conducted using datasets of malicious and benign domain names from 2019 to 2023. CPDGA was applied to mitigate the effect of concept drift. As a result, the impact of concept drift was effectively reduced and the detection accuracy was improved by 20.4%. Additionally, CPDGA achieved an accuracy rate of 96.42% in detecting the domain names generated by the 13 latest adversarial models, showing its strong robustness and adaptability. |
| ISSN: | 1000-436X |