[1] 网络安全信息与动态周报.第13期互联网安全威胁报告[EB/OL].[2018-04-01]. http://www.cert.org.cn/publish/main/44/2018/20180404150414268888501/20180404150414268888501_201html.(National Internet Emergency Center. 13th Internet security threat report[EB/OL].[2018-04-01]. http://www.cert.cn./publish/main/44/20180404150414268888501/20180404150414268888501_.html.) [2] WANG T S, LIN H T, CHENG W T, et al. DBod:clustering and detecting DGA-based botnets using DNS traffic analysis[J]. Computers & Security, 2016, 64:1-15. [3] 牛伟纳,张小松,孙恩博,等.基于流相似性的两阶段P2P僵尸网络检测方法[J].电子科技大学学报,2017,46(6):902-906.(NIU W N, ZHANG X S, SUN E B, et al. Two-stage peer-to-peer zombie network detection method based on flow similarity[J]. Journal of University of Electronic Science and Technology of China, 2017, 46(6):902-906.) [4] POMOROVA O, SAVENKO O, LYSENKO S, et al. A technique for the botnet detection based on DNS-traffic analysis[C]//Proceedings of the 22nd International Conference on Computer Networks. Berlin:Springer, 2015:127-138. [5] YU B, OLUMOFIN F, SMITH L, et al. Behavior analysis based DNS tunneling detection and classification with big data technologies[C]//Proceedings of the 2016 International Conference on Internet of Things and Big Data. Setubal:SciTePress, 2016:284-290. [6] PERDISCI R, CORONA I, DAGON D, et al. Detecting malicious flux service networks through passive analysis of recursive DNS traces[C]//Proceedings of the 25th Computer Security Applications Conference. Washington, DC:IEEE Computer Society, 2009:311-320. [7] 张维维,龚俭,刘茜,等.基于词素特征的轻量级域名检测算法[J].软件学报,2016,27(9):2348-2364.(ZHANG W W, GONG J, LIU Q, et al. Lightweight domain name detection algorithm based on morpheme features[J]. Journal of Software, 2016, 27(9):2348-2364. [8] 黄诚,刘嘉勇,刘亮,等.基于上下文语义的恶意域名语料提取模型研究[J].计算机工程与应用,2018,54(9):101-108.(HUANG C, LIU J Y, LIU L, et al. Research on the extraction model of malicious domain name corpus based on context semantics[J]. Computer Engineering and Applications, 2018, 54(9):101-108.) [9] WANG W, SHIRLEY K. Breaking bad:detecting malicious domains using word segmentation[J]. ArXiv Preprint, 2015, 2015:1506.04111. [10] 张洋,柳厅文,沙泓州,等.基于多元属性特征的恶意域名检测[J].计算机应用,2016,36(4):941-944.(ZHANG Y, LIU T W, SHA H Z, et al. Detection of malicious domain names based on multivariate attribute features[J]. Journal of Computer Applications, 2016, 36(4):941-944.) [11] 刘爱江,黄长慧,胡光俊.基于改进神经网络算法的木马控制域名检测方法[J].电信科学,2014,30(7):39-42.(LIU A J, HUANG C H, HU G J. A method of Trojan control domain name detection based on improved neural network algorithm[J]. Telecommunications Science, 2014, 30(7):39-42.) [12] TRUONG D-T, CHENG G, AHMAD J, et al. Detecting DGA-based botnet with DNS traffic analysis in monitored network[J]. Journal of Internet Technology, 2016, 17(2):217-230. [13] 左晓军,董立勉,曲武.基于域名系统流量的Fast-Flux僵尸网络检测方法[J].计算机工程,2017,43(9):185-193.(ZUO X J, DONG L M, QU W. Fast-Flux zombie network detection based on domain name system traffic[J]. Computer Engineering, 2017, 43(9):185-193.) [14] 周昌令,栾兴龙,肖建国.基于深度学习的域名查询行为向量空间嵌入[J].通信学报,2016,37(3):165-174.(ZHOU C L, LUAN X L, XIAO J G. Domain name query behavior vector space embedding based on depth learning[J]. Journal on Communications, 2016, 37(3):165-174.) [15] KHALIL I, YU T, GUAN B. Discovering malicious domains through passive DNS data graph analysis[C]//Proceedings of the 11th ACM Asia Conference on Computer and Communications Security. New York:ACM, 2016:663-674. [16] 周维柏,李蓉.基于关联规则挖掘的集中式僵尸网络检测[J].兰州理工大学学报,2016,42(6):109-113.(ZHOU W B, LI R. Centralized zombie network detection based on association rules mining[J]. Journal of Lanzhou University of Technology, 2016, 42(6):109-113.) [17] 周勇林,由林麟,张永铮.基于命名及解析行为特征的异常域名检测方法[J].计算机工程与应用,2011,47(20):50-52.(ZHOU Y L, YOU L L, ZHANG Y Z. An anomaly domain name detection method based on naming and analytic behavior features[J]. Computer Engineering and Applications, 2011, 47(20):50-52.) [18] 陈春萍.基于SVM与AdaBoost组合的分类算法研究[D].西安:西安电子科技大学,2012.(CHEN C P. Research on classification algorithm based on SVM and AdaBoost combination[D]. Xi'an:Xidian University, 2012.) [19] ZHANG W. Relief feature selection and parameter optimization for support vector machine based on mixed kernel function[J/OL]. International Journal of Performability Engineering, 2018, 14(2)[2018-02-20]. http://www.ijpe-online.com/relief-feature-selection-and-parameter-optimization-for-support-vector-machine-based-on-mixed-kernel-function.html#axzz5TzKru9vC. [20] Malware domain list. Malware domain list[EB/OL].[2018-05-08]. http://www.malwaredomainlist.com.php. [21] 罗文塽,曹天杰.基于非用户操作序列的恶意软件检测方法[J].计算机应用,2018,38(1):56-60.(LUO W S, CAO T J. A malicious software detection method based on non-user operation sequence[J]. Journal of Computer Applications, 2018, 38(1):56-60.) [22] Alexa Top Global Sites. Alexa top global sites[EB/OL].[2018-05-08]. http://www.alexa.com/topsites. |