关键词: 恶意域名检测, 字符串嵌入, 降噪自编码网络, 多视角特征, 交叉注意力

Abstract: Aiming at the problems of insufficient utilization of domain name string information and loss of global encoding features in current malicious domain detection methods,this paper proposes a novel malicious domain detection approach based on multi-perspective spatiotemporal alignment learning.Firstly,the domain name string is embedded into an image,and a denoising autoencoder network combined with a convolutional neural network (CNN) is employed to encode the domain name string into textual and visual feature spaces,constructing a multi-perspective feature set.Next,the feature maps are downsampled into different-scaled feature layers,and gradient information is learned through layer-by-layer iterative training to enhance the semantic representation capability of the features.Finally,a cross-attention mechanism is introduced to align the textual and visual feature maps.A prototype set is constructed using global average pooling on the aligned feature maps,enabling rapid determination of the legitimacy of a test domain by associating its features with the prototypes.Extensive experiments on public datasets,including binary- and multi-class classification tasks,demonstrate the superiority of the proposed approach.

Key words: malicious domain detection, string embedding, denoising autoencoder network, multiple perspective features, cross-attention