Detection of exfiltration and tunneling over DNS

A Das, MY Shen, M Shashanka… - 2017 16th IEEE …, 2017 - ieeexplore.ieee.org
This paper proposes a method to detect two primary means of using the Domain Name
System (DNS) for malicious purposes. We develop machine learning models to detect …

DNS-ADVP: A machine learning anomaly detection and visual platform to protect top-level domain name servers against DDoS attacks

LA Trejo, V Ferman, MA Medina-Pérez… - IEEE …, 2019 - ieeexplore.ieee.org
DNS DDoS attacks may severely affect the operation of computer networks, prompting the
need for methods able to timely detect them, and then to apply mitigation countermeasures …

Enabling network security through active DNS datasets

A Kountouras, P Kintis, C Lever, Y Chen… - Research in Attacks …, 2016 - Springer
Most modern cyber crime leverages the Domain Name System (DNS) to attain high levels of
network agility and make detection of Internet abuse challenging. The majority of malware …

Automatic detection of DGA-enabled malware using SDN and traffic behavioral modeling

J Ahmed, HH Gharakheili, C Russell… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Enterprise networks are under enormous threats from sophisticated cyber-attacks. Various
kinds of malware are installed by attackers on compromised hosts, acting as bots that …

DNS-based Detection of Scanning Worms in an Enterprise Network.

D Whyte, E Kranakis, PC Van Oorschot - NDSS, 2005 - scs.carleton.ca
Worms are arguably the most serious security threat facing the Internet. Motivated to develop
a detection technique that is both efficient and accurate enough to enable automatic …

Detecting DNS over HTTPS based data exfiltration

M Zhan, Y Li, G Yu, B Li, W Wang - Computer Networks, 2022 - Elsevier
DNS is often used by attackers as a covert channel for data exfiltration, also known as DNS
tunneling. Since the plaintext DNS lookup leads to privacy issues, DNS over HTTPS (DoH) …

A DNS tunneling detection method based on deep learning models to prevent data exfiltration

J Zhang, L Yang, S Yu, J Ma - … , NSS 2019, Sapporo, Japan, December 15 …, 2019 - Springer
DNS tunneling is a typical DNS attack that has been used for stealing information for many
years. The stolen data is encoded and encapsulated into the DNS request to evade intrusion …

Efficient and accurate behavior-based tracking of malware-control domains in large ISP networks

B Rahbarinia, R Perdisci, M Antonakakis - ACM Transactions on Privacy …, 2016 - dl.acm.org
In this article, we propose Segugio, a novel defense system that allows for efficiently tracking
the occurrence of new malware-control domain names in very large ISP networks. Segugio …

Monitoring the initial DNS behavior of malicious domains

S Hao, N Feamster, R Pandrangi - Proceedings of the 2011 ACM …, 2011 - dl.acm.org
Attackers often use URLs to advertise scams or propagate malware. Because the reputation
of a domain can be used to identify malicious behavior, miscreants often register these …

Understanding the privacy implications of ECS

P Kintis, Y Nadji, D Dagon, M Farrell… - Detection of Intrusions …, 2016 - Springer
The edns-client-subnet (ECS) is a new extension for the Domain Name System (DNS) that
delivers a “faster Internet” with the help of client-specific DNS answers. Under ECS …