
ALOHA DGA: Applying Auxiliary Loss Optimization for Hypothesis Augmentation (ALOHA) to DGA Domain Detection

This repo is based on Endgame's dga_predict code base, but it contains several extensions for my research on trying out some of the ideas from ALOHA: Auxiliary Loss Optimization for Hypothesis Augmentation applied to DGA classifiers.

This repo contains 4 classifiers + 4 extensions of these that use Auxiliary Loss Optimization for Hypothesis Augmentation.

Baseline Models:

ALOHA Extended Models (each simply uses the malware family as additional labels):

  • ALOHA CNN
  • ALOHA Bigram
  • ALOHA LSTM
  • ALOHA LSTM + CNN
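
How "malware family as additional labels" turns into training targets and a combined loss, as an added pure-Python sketch that is not code from this repo. The sample domains, the family labels, the function names and the auxiliary weight of 0.1 are all assumptions made for illustration.

```python
import math

# Constructed sample: (domain, source label). "benign" marks legitimate
# domains; any other label names the DGA family that produced the domain.
SAMPLES = [
    ("google", "benign"),
    ("xjwqkpzrtyvb", "cryptolocker"),
    ("wikipedia", "benign"),
    ("qfhdkelsmzua", "ramnit"),
]

def build_targets(samples, benign_label="benign"):
    """Return (families, main, aux): main is the binary DGA/benign target,
    aux[family] is a per-family binary target for one auxiliary output."""
    families = sorted({lab for _, lab in samples if lab != benign_label})
    main = [0 if lab == benign_label else 1 for _, lab in samples]
    aux = {f: [1 if lab == f else 0 for _, lab in samples] for f in families}
    return families, main, aux

def bce(y_true, y_pred, eps=1e-7):
    """Mean binary cross-entropy, predictions clipped away from 0 and 1."""
    total = 0.0
    for t, p in zip(y_true, y_pred):
        p = min(max(p, eps), 1.0 - eps)
        total -= t * math.log(p) + (1 - t) * math.log(1.0 - p)
    return total / len(y_true)

def aloha_loss(main, aux, main_pred, aux_pred, aux_weight=0.1):
    """Main-task loss plus a down-weighted sum of auxiliary family losses.
    aux_weight=0.1 is an assumed value, not one taken from this repo."""
    loss = bce(main, main_pred)
    for family, y_true in aux.items():
        loss += aux_weight * bce(y_true, aux_pred[family])
    return loss
```

In a Keras multi-output model the same structure corresponds to one sigmoid output per target and the `loss_weights` argument of `compile`; only the main output is used for the DGA decision at prediction time.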

Installation

conda create -n dga_predict python=2.7 scikit-learn keras tensorflow-gpu matplotlib
source activate dga_predict
pip install tldextract

Running the code

python run.py

will download and generate all the data, train and evaluate the 8 classifiers, and save several PNGs to disk (the ROC curves at various zoom levels).

It defaults to 1 fold to speed things up. This code will run on your local machine or on a machine with a GPU (GPU will of course be much faster).

DGA Algorithms

We have 11 DGA algorithms in our repo. Some are from the https://github.com/baderj/domain_generation_algorithms repo. We noted these in each file and kept the same GNU license. However, we made some small edits such as allowing for no TLD and varying the size for some algorithms.
