Efficient Deep Learning Models for DGA Domain Detection

In recent years, cyberattacks using command and control (C&C) servers have significantly increased. To hide their C&C servers, attackers often use a domain generation algorithm (DGA), which automatically generates names for the servers. Accordingly, extensive research on DGA detection has been conducted. However, existing methods cannot accurately detect continuously generated domains can easily be evaded by an attacker. Recently, long short-term memory- (LSTM-) based deep learning models introduced to in real time only without feature extraction or additional information. this paper, we propose efficient method bidirectional LSTM (BiLSTM), learns information as opposed unidirectional learned LSTM. We further maximize performance with convolutional neural network (CNN) + BiLSTM ensemble model Attention mechanism, allows learn both local global sequence. Experimental results show that CNN achieved F1-scores of 0.9384 0.9597, respectively, while proposed higher 0.9618 0.9666, respectively. addition, best most classes, enabling more accurate than models.