Tongxin xuebao (Nov 2024)
DGA malicious domain name identification based on XGBoost and particle swarm optimization algorithm
Abstract
Domain generation algorithms (DGA) have become a common technique in network attacks. To enhance the detection capability for DGA malicious domains, a malicious domain identification method based on XGBoost and the particle swarm optimization (PSO) algorithm was proposed. First, with cross-validation accuracy as the evaluation metric, the PSO algorithm was employed to optimize the hyperparameters of XGBoost; XGBoost was then used for classification and identification. Experimental results demonstrate that the XGBoost model optimized by PSO exhibits improved performance in DGA malicious domain classification. Compared to other classification models, it achieves better results in metrics such as accuracy, precision, recall, and F1 score. The study indicates that integrating PSO for parameter selection effectively enhances the performance of XGBoost in DGA malicious domain identification tasks.