Spaces:
Sleeping
Sleeping
A newer version of the Gradio SDK is available:
5.49.1
metadata
title: DGA Domain Classifier
emoji: π
colorFrom: red
colorTo: blue
sdk: gradio
sdk_version: 4.44.0
app_file: app.py
pinned: false
license: mit
DGA Domain Classifier
Interactive demo for detecting DGA (Domain Generation Algorithm) domains using a transformer-based model.
Model: ccss17/dga-transformer-encoder
What does this do?
This app classifies domain names as either:
- β Legitimate: Normal domains (e.g., google.com, github.com)
- π¨ DGA (Malicious): Algorithmically-generated domains used by malware (e.g., xjkd8f2h.com)
Features
- Single domain classification with confidence scores
- Batch prediction for multiple domains
- Visual feedback with color-coded results
- 96.78% accuracy on test set
- <1ms inference time per domain
How to use
- Enter a domain name (without http:// or paths)
- Click "Classify Domain"
- See the prediction and confidence score
Try these examples:
- Legitimate:
google.com,github.com,stackoverflow.com - Malicious DGA:
xjkd8f2h.com,qwfp93nx.net,h4fk29fd.org
About DGAs
Domain Generation Algorithms (DGAs) are used by malware to generate pseudo-random domain names for C2 (command-and-control) communication. This makes it harder for security systems to block malicious traffic using traditional blacklists.
Technical Details
- Architecture: Custom Transformer Encoder (4 layers, 256 dim, 8 heads)
- Parameters: 3.2M
- Training Data: ExtraHop DGA dataset (500K samples)
- Framework: PyTorch + HuggingFace Transformers
- Model Files: This Space includes the custom model code (
model.py,charset.py) to enable loading the custom architecture
Built with β€οΈ using PyTorch, HuggingFace, and Gradio