{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T21:58:37Z","timestamp":1772575117118,"version":"3.50.1"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"7-8","license":[{"start":{"date-parts":[[2024,6,13]],"date-time":"2024-06-13T00:00:00Z","timestamp":1718236800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,6,13]],"date-time":"2024-06-13T00:00:00Z","timestamp":1718236800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Ann. Telecommun."],"published-print":{"date-parts":[[2024,8]]},"DOI":"10.1007\/s12243-024-01043-3","type":"journal-article","created":{"date-parts":[[2024,6,13]],"date-time":"2024-06-13T07:01:45Z","timestamp":1718262105000},"page":"457-473","update-policy":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A review on lexical based malicious domain name detection methods"],"prefix":"10.1007","volume":"79","author":[{"ORCID":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/orcid.org\/0000-0003-3611-7174","authenticated-orcid":false,"given":"Cherifa","family":"Hamroun","sequence":"first","affiliation":[]},{"given":"Ahmed","family":"Amamou","sequence":"additional","affiliation":[]},{"given":"Kamel","family":"Haddadou","sequence":"additional","affiliation":[]},{"given":"Hayat","family":"Haroun","sequence":"additional","affiliation":[]},{"given":"Guy","family":"Pujolle","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,6,13]]},"reference":[{"key":"1043_CR1","doi-asserted-by":"crossref","unstructured":"Hamroun C, Amamou A, Haddadou K, Haroun H, Pujolle G (2022) A review on lexical based malicious domain name detection methods. In: 2022 6th Cyber security in networking conference (CSNet), IEEE, pp 1\u20137","DOI":"10.1109\/CSNet56116.2022.9955618"},{"key":"1043_CR2","doi-asserted-by":"publisher","unstructured":"Domain names - implementation and specification. RFC Editor (1987). https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.17487\/RFC1035. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/rfc-editor.org\/rfc\/rfc1035.txt","DOI":"10.17487\/RFC1035"},{"key":"1043_CR3","doi-asserted-by":"crossref","unstructured":"Zhao H, Chang Z, Bao G, Zeng X (2019) Malicious domain names detection algorithm based on n-gram. J. Comp Netw Commun 2019","DOI":"10.1155\/2019\/4612474"},{"issue":"8","key":"1043_CR4","doi-asserted-by":"publisher","first-page":"5517","DOI":"10.1007\/s00500-018-03703-8","volume":"24","author":"M Zago","year":"2020","unstructured":"Zago M, Gil Perez M, Martinez Perez G (2020) Scalable detection of botnets based on DGA. Soft Comput 24(8):5517\u20135537","journal-title":"Soft Comput"},{"key":"1043_CR5","unstructured":"Plohmann D, Yakdan K, Klatt M, Bader J, Gerhards-Padilla E (2016) A comprehensive measurement study of domain generating malware. In: 25th USENIX Security Symposium (USENIX Security 16), USENIX Association, Austin, TX, pp 263\u2013278. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/plohmann"},{"issue":"4","key":"1043_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3191329","volume":"51","author":"Y Zhauniarovich","year":"2018","unstructured":"Zhauniarovich Y, Khalil I, Yu T, Dacier M (2018) A survey on malicious domains detection through DNS data analysis. ACM Comput Surv 51(4):1\u201336","journal-title":"ACM Comput Surv"},{"key":"1043_CR7","doi-asserted-by":"crossref","unstructured":"Fasllija E, Eni\u015fer HF, Pr\u00fcnster B (2019) Phish-hook: detecting phishing certificates using certificate transparency logs. In: International conference on security and privacy in communication systems, Springer, pp 320\u2013334","DOI":"10.1007\/978-3-030-37231-6_18"},{"issue":"4","key":"1043_CR8","doi-asserted-by":"publisher","first-page":"456","DOI":"10.1109\/ICJECE.2021.3072008","volume":"44","author":"A Moubayed","year":"2021","unstructured":"Moubayed A, Aqeeli E, Shami A (2021) Detecting DNS typo-squatting using ensemble-based feature selection & classification models. IEEE Can J Electr Comput Eng 44(4):456\u2013466. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1109\/ICJECE.2021.3072008","journal-title":"IEEE Can J Electr Comput Eng"},{"key":"1043_CR9","unstructured":"Dinaburg A (2011) Bitsquatting: DNS hijacking without exploitation. Proceedings of BlackHat Security"},{"key":"1043_CR10","doi-asserted-by":"publisher","unstructured":"Nikiforakis N, Van\u00a0Acker S, Meert W, Desmet L, Piessens F, Joosen W. Bitsquatting: exploiting bit-flips for fun, or profit? In: Proceedings of the 22nd international conference on world wide web. WWW \u201913, Association for Computing Machinery, New York, NY, USA, pp 989\u2013998. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1145\/2488388.2488474","DOI":"10.1145\/2488388.2488474"},{"key":"1043_CR11","doi-asserted-by":"publisher","unstructured":"Kintis P, Miramirkhani N, Lever C, Chen Y, Romero-G\u00f3mez R, Pitropakis N, Nikiforakis N, Antonakakis M (2017) Hiding in plain sight: a longitudinal study of combosquatting abuse. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. CCS \u201917, Association for Computing Machinery, New York, NY, USA, pp 569\u2013586. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1145\/3133956.3134002","DOI":"10.1145\/3133956.3134002"},{"key":"1043_CR12","doi-asserted-by":"crossref","unstructured":"Du K, Yang H, Li Z, Duan H, Hao S, Liu B, Ye Y, Liu M, Su X, Liu G et al (2019) Tl; dr hazard: a comprehensive study of levelsquatting scams. In: International Conference on security and privacy in communication systems, Springer, pp 3\u201325","DOI":"10.1007\/978-3-030-37231-6_1"},{"key":"1043_CR13","doi-asserted-by":"publisher","unstructured":"Rossow C, Dietrich CJ, Grier C, Kreibich C, Paxson V, Pohlmann N, Bos H, Steen MV (2012) Prudent practices for designing malware experiments: status quo and outlook. In: 2012 IEEE Symposium on Security and Privacy, pp 65\u201379. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1109\/SP.2012.14","DOI":"10.1109\/SP.2012.14"},{"key":"1043_CR14","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1016\/j.eswa.2019.01.050","volume":"124","author":"J Selvi","year":"2019","unstructured":"Selvi J, Rodriguez RJ, Soria-Olivas E (2019) Detection of algorithmically generated malicious domain names using masked n-grams. Expert Syst Appl 124:156\u2013163","journal-title":"Expert Syst Appl"},{"key":"1043_CR15","doi-asserted-by":"publisher","first-page":"101719","DOI":"10.1016\/j.cose.2020.101719","volume":"92","author":"M Zago","year":"2020","unstructured":"Zago M, Perez MG, Perez GM (2020) UMUDGA: a dataset for profiling DGA-based botnet. Computers & Security 92:101719","journal-title":"Computers & Security"},{"key":"1043_CR16","doi-asserted-by":"publisher","unstructured":"Suryotrisongko H (2020) Botnet DGA dataset. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.21227\/rg6z-z622","DOI":"10.21227\/rg6z-z622"},{"key":"1043_CR17","doi-asserted-by":"publisher","unstructured":"Le Pochat V, Van Goethem T, Tajalizadehkhoob S, Korczy\u0144ski M, Joosen W (2019) Tranco: a research-oriented top sites ranking hardened against manipulation. In: Proceedings of the 26th annual network and distributed system security symposium. NDSS 2019. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.14722\/ndss.2019.23386","DOI":"10.14722\/ndss.2019.23386"},{"key":"1043_CR18","doi-asserted-by":"crossref","unstructured":"Vinayakumar R, Soman K, Poornachandran P, Alazab M, Thampi S (2019) Amritadga: a comprehensive data set for domain generation algorithms (DGAs) based domain name detection systems and application of deep learning, 455\u2013485","DOI":"10.1049\/PBPC035G_ch22"},{"key":"1043_CR19","doi-asserted-by":"publisher","unstructured":"Yadav S, Reddy AKK, Reddy ALN, Ranjan S (2010) Detecting algorithmically generated malicious domain names. In: Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement. IMC \u201910, Association for Computing Machinery, New York, NY, USA, pp 48\u201361. https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1145\/1879141.1879148","DOI":"10.1145\/1879141.1879148"},{"key":"1043_CR20","doi-asserted-by":"crossref","unstructured":"Schiavoni S, Maggi F, Cavallaro L, Zanero S (2014) Phoenix: DGA-based botnet tracking and intelligence. In: International conference on detection of intrusions and malware, and vulnerability assessment, Springer, pp 192\u2013211","DOI":"10.1007\/978-3-319-08509-8_11"},{"key":"1043_CR21","doi-asserted-by":"publisher","first-page":"2408","DOI":"10.1016\/j.procs.2017.05.204","volume":"108","author":"P Zhang","year":"2017","unstructured":"Zhang P, Liu T, Zhang Y, Ya J, Shi J, Wang Y (2017) Domain watcher: detecting malicious domains based on local and global textual features. Procedia Comput Sci 108:2408\u20132412","journal-title":"Procedia Comput Sci"},{"issue":"3","key":"1043_CR22","doi-asserted-by":"publisher","first-page":"414","DOI":"10.3390\/electronics11030414","volume":"11","author":"H Vranken","year":"2022","unstructured":"Vranken H, Alizadeh H (2022) Detection of DGA-generated domain names with TF-IDF. Electronics 11(3):414","journal-title":"Electronics"},{"key":"1043_CR23","unstructured":"Sch\u00fcppen S, Teubert D, Herrmann P, Meyer U (2018) $$\\{$$FANCI$$\\}$$: feature-based automated $$\\{$$NXDomain$$\\}$$ classification and intelligence. In: 27th USENIX Security Symposium (USENIX Security 18), pp 1165\u20131181"},{"key":"1043_CR24","doi-asserted-by":"publisher","first-page":"101787","DOI":"10.1016\/j.cose.2020.101787","volume":"93","author":"AO Almashhadani","year":"2020","unstructured":"Almashhadani AO, Kaiiali M, Carlin D, Sezer S (2020) Maldomdetector: a system for detecting algorithmically generated domain names with machine learning. Computers & Security 93:101787","journal-title":"Computers & Security"},{"issue":"6","key":"1043_CR25","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1002\/spy2.127","volume":"3","author":"A GP","year":"2020","unstructured":"GP A, Gladston A (2020) A machine learning framework for domain generating algorithm based malware detection. Secur Priv 3(6):127","journal-title":"Secur Priv"},{"key":"1043_CR26","doi-asserted-by":"crossref","unstructured":"Mvula PK, Branco P, Jourdan G-V, Viktor HL (2022) COVID-19 malicious domain names classification. Expert Syst Appl 117553","DOI":"10.1016\/j.eswa.2022.117553"},{"key":"1043_CR27","doi-asserted-by":"crossref","unstructured":"Cersosimo M, Lara A (2022) Detecting malicious domains using the splunk machine learning toolkit. In: NOMS 2022-2022 IEEE\/ifip network operations and management symposium, IEEE, pp 1\u20136","DOI":"10.1109\/NOMS54207.2022.9789899"},{"key":"1043_CR28","doi-asserted-by":"crossref","unstructured":"Zhao H, Chen Z, Yan R (2022) Malicious domain names detection algorithm based on statistical features of urls. In: 2022 IEEE 25th International conference on computer supported cooperative work in design (CSCWD), IEEE, pp 11\u201316","DOI":"10.1109\/CSCWD54268.2022.9776264"},{"key":"1043_CR29","doi-asserted-by":"publisher","first-page":"111322","DOI":"10.1016\/j.jss.2022.111322","volume":"190","author":"Y Sun","year":"2022","unstructured":"Sun Y, Jian K, Cui L, Jiang G, Zhang S, Zhang Y, Pei D (2022) Online malicious domain name detection with partial labels for large-scale dependable systems. J Syst Softw 190:111322","journal-title":"J Syst Softw"},{"key":"1043_CR30","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1016\/j.cose.2019.04.015","volume":"85","author":"C Xu","year":"2019","unstructured":"Xu C, Shen J, Du X (2019) Detection method of domain names generated by DGAs based on semantic representation and deep neural network. Computers & Security 85:77\u201388","journal-title":"Computers & Security"},{"issue":"20","key":"1043_CR31","doi-asserted-by":"publisher","first-page":"4205","DOI":"10.3390\/app9204205","volume":"9","author":"Y Qiao","year":"2019","unstructured":"Qiao Y, Zhang B, Zhang W, Sangaiah AK, Wu H (2019) DGA domain name classification method based on long short-term memory with attention mechanism. Appl Sci 9(20):4205","journal-title":"Appl Sci"},{"key":"1043_CR32","doi-asserted-by":"publisher","first-page":"82876","DOI":"10.1109\/ACCESS.2020.2988877","volume":"8","author":"L Yang","year":"2020","unstructured":"Yang L, Liu G, Dai Y, Wang J, Zhai J (2020) Detecting stealthy domain generation algorithms using heterogeneous deep neural network framework. IEEE Access 8:82876\u201382889","journal-title":"IEEE Access"},{"key":"1043_CR33","doi-asserted-by":"crossref","unstructured":"Aarthi B, Jeenath\u00a0Shafana N, Flavia J, Chelliah BJ (2022) A hybrid multiclass classifier approach for the detection of malicious domain names using rnn model, 471\u2013482","DOI":"10.1007\/978-981-16-9573-5_35"},{"key":"1043_CR34","doi-asserted-by":"crossref","unstructured":"Huang X, Li H, Liu J, Liu F, Wang J, Xie B, Chen B, Zhang Q, Xue T (2022) A malicious domain detection model based on improved deep learning. Comput Intell Neurosci 2022","DOI":"10.1155\/2022\/9241670"},{"key":"1043_CR35","doi-asserted-by":"crossref","unstructured":"Niu Y, Guan M, Yuan W, Chen Y, Chen L, Yu Q (2022) A Bayesian optimization-based LSTM model for DGA domain name identification approach. In: Journal of Physics: Conference Series, vol. 2303, IOP Publishing, p 012015","DOI":"10.1088\/1742-6596\/2303\/1\/012015"},{"key":"1043_CR36","doi-asserted-by":"crossref","unstructured":"Sarojini S, Asha S (2022) Detection for domain generation algorithm (DGA) domain botnet based on neural network with multi-head self-attention mechanisms. Int J Syst Assur Eng Manag 1\u201316","DOI":"10.1007\/s13198-022-01713-2"},{"issue":"9","key":"1043_CR37","first-page":"2348","volume":"27","author":"W Zhang","year":"2016","unstructured":"Zhang W, Gong J, Liu X, Hu X et al (2016) Lightweight domain name detection algorithm based on morpheme features. J Softw 27(9):2348\u20132364","journal-title":"J Softw"},{"key":"1043_CR38","doi-asserted-by":"crossref","unstructured":"Buber E, Diri B, Sahingoz OK (2017) NLP based phishing attack detection from URLS. In: International conference on intelligent systems design and applications, Springer, pp 608\u2013618","DOI":"10.1007\/978-3-319-76348-4_59"},{"issue":"2","key":"1043_CR39","doi-asserted-by":"publisher","first-page":"176","DOI":"10.3390\/sym11020176","volume":"11","author":"L Yang","year":"2019","unstructured":"Yang L, Zhai J, Liu W, Ji X, Bai H, Liu G, Dai Y (2019) Detecting word-based algorithmically generated domains using semantic analysis. Symmetry 11(2):176","journal-title":"Symmetry"},{"key":"1043_CR40","first-page":"103148","volume":"66","author":"L Yang","year":"2022","unstructured":"Yang L, Liu G, Wang J, Zhai J, Dai Y (2022) A semantic element representation model for malicious domain name detection. J Inf Secur Appl 66:103148","journal-title":"J Inf Secur Appl"},{"key":"1043_CR41","doi-asserted-by":"crossref","unstructured":"Liang J, Chen S, Wei Z, Zhao S, Zhao W (2022) Hagdetector: heterogeneous DGA domain name detection model. Computers & Security 102803","DOI":"10.1016\/j.cose.2022.102803"},{"key":"1043_CR42","doi-asserted-by":"publisher","first-page":"107841","DOI":"10.1016\/j.compeleceng.2022.107841","volume":"100","author":"Z Wang","year":"2022","unstructured":"Wang Z, Guo Y, Montgomery D (2022) Machine learning-based algorithmically generated domain detection. Comput Electr Eng 100:107841","journal-title":"Comput Electr Eng"},{"key":"1043_CR43","doi-asserted-by":"publisher","first-page":"114551","DOI":"10.1016\/j.eswa.2020.114551","volume":"170","author":"A Cucchiarelli","year":"2021","unstructured":"Cucchiarelli A, Morbidoni C, Spalazzi L, Baldi M (2021) Algorithmically generated malicious domain names detection based on n-grams features. Expert Syst Appl 170:114551","journal-title":"Expert Syst Appl"},{"issue":"6","key":"1043_CR44","doi-asserted-by":"publisher","first-page":"1430","DOI":"10.1109\/TIFS.2017.2668361","volume":"12","author":"Y Fu","year":"2017","unstructured":"Fu Y, Yu L, Hambolu O, Ozcelik I, Husain B, Sun J, Sapra K, Du D, Beasley CT, Brooks RR (2017) Stealthy domain generation algorithms. IEEE Trans Inf Forensics Secur 12(6):1430\u20131443","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"6","key":"1043_CR45","doi-asserted-by":"publisher","first-page":"1430","DOI":"10.1109\/TIFS.2017.2668361","volume":"12","author":"Y Fu","year":"2017","unstructured":"Fu Y, Yu L, Hambolu O, Ozcelik I, Husain B, Sun J, Sapra K, Du D, Beasley CT, Brooks RR (2017) Stealthy domain generation algorithms. IEEE Trans Inf Forensics Secur 12(6):1430\u20131443","journal-title":"IEEE Trans Inf Forensics Secur"},{"key":"1043_CR46","doi-asserted-by":"crossref","unstructured":"Anderson HS, Woodbridge J, Filar B (2016) Deepdga: adversarially-tuned domain generation and detection. In: Proceedings of the 2016 ACM workshop on artificial intelligence and security, pp 13\u201321","DOI":"10.1145\/2996758.2996767"},{"key":"1043_CR47","doi-asserted-by":"crossref","unstructured":"Peck J, Nie C, Sivaguru R, Grumer C, Olumofin F, Yu B, Nascimento A, De Cock M (2019) Charbot: a simple and effective method for evading DGA classifiers. IEEE Access 7:91759\u201391771","DOI":"10.1109\/ACCESS.2019.2927075"},{"key":"1043_CR48","doi-asserted-by":"publisher","first-page":"161580","DOI":"10.1109\/ACCESS.2020.3020964","volume":"8","author":"L Sidi","year":"2020","unstructured":"Sidi L, Nadler A, Shabtai A (2020) Maskdga: an evasion attack against DGA classifiers and adversarial defenses. IEEE Access 8:161580\u2013161592","journal-title":"IEEE Access"},{"key":"1043_CR49","doi-asserted-by":"publisher","first-page":"2225","DOI":"10.1109\/TIFS.2019.2960647","volume":"15","author":"X Yun","year":"2019","unstructured":"Yun X, Huang J, Wang Y, Zang T, Zhou Y, Zhang Y (2019) Khaos: an adversarial neural network DGA with high anti-detection ability. IEEE Trans Inf Forensics Secur 15:2225\u20132240","journal-title":"IEEE Trans Inf Forensics Secur"},{"key":"1043_CR50","doi-asserted-by":"crossref","unstructured":"Hunter JD (2007) Matplotlib: a 2d graphics environment. Comput Sci Eng 9(3):90\u201395","DOI":"10.1109\/MCSE.2007.55"}],"container-title":["Annals of Telecommunications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/link.springer.com\/content\/pdf\/10.1007\/s12243-024-01043-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/link.springer.com\/article\/10.1007\/s12243-024-01043-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/link.springer.com\/content\/pdf\/10.1007\/s12243-024-01043-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,27]],"date-time":"2024-07-27T06:35:07Z","timestamp":1722062107000},"score":1,"resource":{"primary":{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/link.springer.com\/10.1007\/s12243-024-01043-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,13]]},"references-count":50,"journal-issue":{"issue":"7-8","published-print":{"date-parts":[[2024,8]]}},"alternative-id":["1043"],"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1007\/s12243-024-01043-3","relation":{},"ISSN":["0003-4347","1958-9395"],"issn-type":[{"value":"0003-4347","type":"print"},{"value":"1958-9395","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,6,13]]},"assertion":[{"value":"27 January 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 May 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 June 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}]}}