Malicious Domain Detection Based on Decision Tree
Summary :
Different types of malicious attacks have been increasing simultaneously and have become a serious issue for cybersecurity. Most attacks leverage domain URLs as an attack communications medium and compromise users into a victim of phishing or spam. We take advantage of machine learning methods to detect the maliciousness of a domain automatically using three features: DNS-based, lexical, and semantic features. The proposed approach exhibits high performance even with a small training dataset. The experimental results demonstrate that the proposed scheme achieves an approximate accuracy of 0.927 when using a random forest classifier.
- Publication
- IEICE TRANSACTIONS on Information Vol.E106-D No.9 pp.1490-1494
- Publication Date
- 2023/09/01
- Publicized
- 2023/06/22
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.2022OFL0002
- Type of Manuscript
- Special Section LETTER (Special Section on Log Data Usage Technology and Office Information Systems)
- Category
Authors
Thin Tharaphe THEIN
Kobe University
Yoshiaki SHIRAISHI
Kobe University
Masakatu MORII
Kobe University
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Thin Tharaphe THEIN, Yoshiaki SHIRAISHI, Masakatu MORII, "Malicious Domain Detection Based on Decision Tree" in IEICE TRANSACTIONS on Information,
vol. E106-D, no. 9, pp. 1490-1494, September 2023, doi: 10.1587/transinf.2022OFL0002.
Abstract: Different types of malicious attacks have been increasing simultaneously and have become a serious issue for cybersecurity. Most attacks leverage domain URLs as an attack communications medium and compromise users into a victim of phishing or spam. We take advantage of machine learning methods to detect the maliciousness of a domain automatically using three features: DNS-based, lexical, and semantic features. The proposed approach exhibits high performance even with a small training dataset. The experimental results demonstrate that the proposed scheme achieves an approximate accuracy of 0.927 when using a random forest classifier.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2022OFL0002/_p
Copy
@ARTICLE{e106-d_9_1490,
author={Thin Tharaphe THEIN, Yoshiaki SHIRAISHI, Masakatu MORII, },
journal={IEICE TRANSACTIONS on Information},
title={Malicious Domain Detection Based on Decision Tree},
year={2023},
volume={E106-D},
number={9},
pages={1490-1494},
abstract={Different types of malicious attacks have been increasing simultaneously and have become a serious issue for cybersecurity. Most attacks leverage domain URLs as an attack communications medium and compromise users into a victim of phishing or spam. We take advantage of machine learning methods to detect the maliciousness of a domain automatically using three features: DNS-based, lexical, and semantic features. The proposed approach exhibits high performance even with a small training dataset. The experimental results demonstrate that the proposed scheme achieves an approximate accuracy of 0.927 when using a random forest classifier.},
keywords={},
doi={10.1587/transinf.2022OFL0002},
ISSN={1745-1361},
month={September},}
Copy
TY - JOUR
TI - Malicious Domain Detection Based on Decision Tree
T2 - IEICE TRANSACTIONS on Information
SP - 1490
EP - 1494
AU - Thin Tharaphe THEIN
AU - Yoshiaki SHIRAISHI
AU - Masakatu MORII
PY - 2023
DO - 10.1587/transinf.2022OFL0002
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E106-D
IS - 9
JA - IEICE TRANSACTIONS on Information
Y1 - September 2023
AB - Different types of malicious attacks have been increasing simultaneously and have become a serious issue for cybersecurity. Most attacks leverage domain URLs as an attack communications medium and compromise users into a victim of phishing or spam. We take advantage of machine learning methods to detect the maliciousness of a domain automatically using three features: DNS-based, lexical, and semantic features. The proposed approach exhibits high performance even with a small training dataset. The experimental results demonstrate that the proposed scheme achieves an approximate accuracy of 0.927 when using a random forest classifier.
ER -
English
