DGA domain name detection method oriented to botnet of Internet of Things

• Main Authors: XIN YANG, YAO LIANGWEI, WU YINGYING
• Format: Patent
• Language: Chinese; English
• Published: 22.08.2023
• Subjects: CALCULATING; COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS; COMPUTING; COUNTING; ELECTRIC COMMUNICATION TECHNIQUE; ELECTRIC DIGITAL DATA PROCESSING; ELECTRICITY; PHYSICS; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

The invention belongs to the technical field of Internet of Things security, and discloses an Internet of Things botnet-oriented DGA domain name detection method, which comprises the following steps of: obtaining a domain name character string in a DNS domain name resolution request sent by Internet of Things equipment; inputting the domain name character string into a trained domain name detection model to obtain binary classification and multi-classification results of the domain name; wherein the domain name detection model is obtained by training based on a Small BERT pre-training model and a fusion network of a CNN (Convolutional Neural Network). According to the method, by combining two feature extraction capabilities of a SmallBERT model for the domain name by taking sub-words as granularity and a CNN for the domain name by taking characters as granularity, the learning capability of an algorithm for comprehensive features such as semantics, lexical, pronunciation and character randomness of the domain