Journal of Shanxi University (Natural Science Edition), 2025, Vol. 48, Issue (4): 725-740, 16. DOI: 10.13451/j.sxu.ns.2025018
The Research on Intelligent Detection Technology and Countermeasures for Botnet DGA Attacks
Abstract
Botnets can dynamically generate numerous unpredictable domains via Domain Generation Algorithms (DGA) to elude traditional static detection, enhancing the stealth and persistence of malicious activities. As DGA technology advances, traditional detection methods are facing growing challenges. Efficiently identifying and defending against these domains has become crucial in cybersecurity. This paper comprehensively analyzes mainstream DGA detection technologies, including those based on statistical features, machine learning, and deep learning. It delves into their principles, application scenarios, and performance, uncovering limitations in false positive rates, computational complexity, dataset size, and adaptability to new DGAs. Finally, the paper proposes innovative directions for deep learning-based detection and cross-domain collaborative detection. Combined with traffic behavior analysis and generation-pattern blocking mechanisms, we build a multi-layered, integrated DGA defense system, offering new ideas to improve detection effectiveness, accuracy, and adaptability.
Keywords
botnet/domain generation algorithm/domain detection/machine learning
Classification
Information Technology and Security Science
Cite this article
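Wei Hongjing, Hu Zhiguo. The Research on Intelligent Detection Technology and Countermeasures for Botnet DGA Attacks [J]. Journal of Shanxi University (Natural Science Edition), 2025, 48(4): 725-740, 16.
Funding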
National Natural Science Foundation of China (61872226)