Identifying DNS-tunneled traffic with predictive models

A Berg, D Forsberg - arXiv preprint arXiv:1906.11246, 2019 - arxiv.org
DNS is a distributed, fault tolerant system that avoids a single point of failure. As such it is an
integral part of the internet as we use it today and hence deemed a safe protocol which is let …

Harnessing predictive models for assisting network forensic investigations of DNS tunnels

I Homem, P Papapetrou - 2017 - commons.erau.edu
In recent times, DNS tunneling techniques have been used for malicious purposes, however
network security mechanisms struggle to detect them. Network forensic analysis has been …

DNS tunneling detection with supervised learning

R Preston - … IEEE International Symposium on Technologies for …, 2019 - ieeexplore.ieee.org
This paper presents an advanced analytic capable of detecting general DNS tunneling
behavior with high precision and recall. It explores the application of supervised machine …

Machine Learning Techniques for Accurately Detecting the DNS Tunneling

M Alkasassbeh, M Almseidin - Science and Information Conference, 2023 - Springer
For many networks to function properly, DNS is the main protocol. Security policies typically
permit DNS traffic and therefore attackers use DNS traffic for malicious purposes. This …

Entropy-based prediction of network protocols in the forensic analysis of dns tunnels

I Homem, P Papapetrou, S Dosis - arXiv preprint arXiv:1709.06363, 2017 - arxiv.org
DNS tunneling techniques are often used for malicious purposes but network security
mechanisms have struggled to detect these. Network forensic analysis has thus been used …

Information-entropy-based DNS tunnel prediction

I Homem, P Papapetrou, S Dosis - Advances in Digital Forensics XIV: 14th …, 2018 - Springer
DNS tunneling techniques are often used for malicious purposes. Network security
mechanisms have struggled to detect DNS tunneling. Network forensic analysis has been …

Classifying DNS over HTTPS Malicious/Benign Traffic Using Deep Learning Models

M Chougule, K Praveen, S Viswanathan… - … Conference on Soft …, 2023 - ieeexplore.ieee.org
As we live in an era where privacy over the Internet has become rudimentary, protocols like
DNS over HTTPS (DoH) and DNS over TLS (DoT), which promote encryption, have become …

Refined identification of hybrid traffic in DNS tunnels based on regression analysis

H Bai, G Liu, J Zhai, W Liu, X Ji, L Yang, Y Dai - ETRI Journal, 2021 - Wiley Online Library
DNS (Domain Name System) tunnels almost obscure the true network activities of users,
which makes it challenging for the gateway or censorship equipment to identify malicious or …

DNS tunnels detection via DNS-images

G D'Angelo, A Castiglione, F Palmieri - Information Processing & …, 2022 - Elsevier
DNS tunneling is a typical attack adopted by cyber-criminals to compromise victims' devices,
steal sensitive data, or perform fraudulent actions against third parties without their …

Network flow entropy for identifying malicious behaviours in DNS tunnels

Y Khodjaeva, N Zincir-Heywood - Proceedings of the 16th International …, 2021 - dl.acm.org
In this paper, we propose the concept of "entropy of a flow" to augment flow statistical
features for identifying malicious behaviours in DNS tunnels, specifically DNS over HTTPS …