Comprehensive Analysis of Adversarial Robustness in Domain Generation Algorithm Classification

This work conducts a comprehensive study on the robustness of domain generation algorithm (DGA) classifiers against a wide range of adversarial attacks. The authors implement 32 white-box attacks, many of which are highly effective in inducing false-negative rates of around 100% on unhardened classifiers. To defend the classifiers, the authors evaluate different hardening approaches and propose a novel training scheme that leverages adversarial latent space vectors and discretized adversarial domains, significantly improving robustness without compromising performance.