通信学报2025,Vol.46Issue(6):18-31,14.DOI:10.11959/j.issn.1000-436x.2025106
CPDGA:基于一致性传播的DGA域名主动检测算法
CPDGA:foresee future DGA using proactive conformal propagation
摘要
Abstract
Attackers dynamically register domain names through the domain generation algorithm(DGA)to support mal-ware activities.The continuous evolution of malicious domain names leads to the phenomenon of concept drift,render-ing the existing detection techniques based on continual learning models less effective over time.To address this threat,by combining conformal prediction and conformal clustering,a foresee future DGA using proactive conformal propaga-tion(CPDGA)was proposed.Experiments were conducted using datasets of malicious and benign domain names from 2019 to 2023.CPDGA was applied to mitigate the effect of concept drift.As a result,the impact of concept drift was ef-fectively reduced.The detection accuracy was improved by 20.4%.Additionally,CPDGA achieves an accuracy rate of 96.42%in detecting the domain names generated by 13 latest adversarial models,showing its strong robustness and adaptability.关键词
域名生成算法/概念漂移/一致性预测/一致性聚类/对抗模型Key words
domain generation algorithm/concept drift/conformal prediction/conformal clustering/adversarial model分类
信息技术与安全科学引用本文复制引用
刘双双,王志,董伊萌,李万鹏..CPDGA:基于一致性传播的DGA域名主动检测算法[J].通信学报,2025,46(6):18-31,14.基金项目
CCF-绿盟科技"鲲鹏"科研基金资助项目(No.CCF-NSFOCUS 2024016) The CCF-NSFOCUS"kunpeng"Research Fund(No.CCF-NSFOCUS 2024016) (No.CCF-NSFOCUS 2024016)
