Detecting Malicious Domain Names with Abnormal WHOIS Records Using Feature-Based Rules
The Computer Journal (IF 1.4), Pub Date: 2021-05-26, DOI: 10.1093/comjnl/bxab062
Yanan Cheng 1, Tingting Chai 1, Zhaoxin Zhang 1, Keyu Lu 1, Yuejin Du 2

Millions of new domain names are registered every day, but a large proportion of them are malicious and are usually discovered and blacklisted after the crime has been committed. In order to improve the security of domain name registration, this paper proposes a lightweight detection method based on AdaBoost to identify malicious domain names, which focuses on proactively detecting malicious domain names by exploring abnormal WHOIS records. Domain name registries and registrars can adopt the proposed method as the first layer of defense to identify malicious domains at the domain registration stage. Extensive experiments on a large-scale database demonstrate that the proposed approach achieves satisfactory results on various malicious domain names.

Updated: 2021-05-26