Detection of tunnels in PCAP data by random forests

AL Buczak, PA Hanke, GJ Cancro, MK Toma… - Proceedings of the 11th …, 2016 - dl.acm.org
This paper describes an approach for detecting the presence of domain name system (DNS)
tunnels in network traffic. DNS tunneling is a common technique hackers use to establish …

Real-time detection of dictionary dga network traffic using deep learning

K Highnam, D Puzio, S Luo, NR Jennings - SN Computer Science, 2021 - Springer
Botnets and malware continue to avoid detection by static rule engines when using domain
generation algorithms (DGAs) for callouts to unique, dynamically generated web addresses …

Detecting algorithmically generated malicious domain names

S Yadav, AKK Reddy, ALN Reddy… - Proceedings of the 10th …, 2010 - dl.acm.org
Recent Botnets such as Conficker, Kraken and Torpig have used DNS based "domain
fluxing" for command-and-control, where each Bot queries for existence of a series of …

Segugio: Efficient behavior-based tracking of malware-control domains in large ISP networks

B Rahbarinia, R Perdisci… - 2015 45th Annual IEEE …, 2015 - ieeexplore.ieee.org
In this paper, we propose Segugio, a novel defense system that allows for efficiently tracking
the occurrence of new malware-control domain names in very large ISP networks. Segugio …

Classifying malicious domains using DNS traffic analysis

S Mahdavifar, N Maleki, AH Lashkari… - 2021 IEEE Intl Conf …, 2021 - ieeexplore.ieee.org
Malicious domains are one of the major threats that have jeopardized the viability of the
Internet over the years. Threat actors usually abuse the Domain Name System (DNS) to lure …

Dictionary extraction and detection of algorithmically generated domain names in passive DNS traffic

M Pereira, S Coleman, B Yu, M DeCock… - Research in Attacks …, 2018 - Springer
Automatic detection of algorithmically generated domains (AGDs) is a crucial element for
fighting Botnets. Modern AGD detection systems have benefited from the combination of …

SDN-assisted network-based mitigation of slow DDoS attacks

T Lukaseder, L Maile, B Erb, F Kargl - … 8-10, 2018, Proceedings, Part II, 2018 - Springer
Slow-running attacks against network applications are often not easy to detect, as the
attackers behave according to the specification. The servers of many network applications …

Behavior Analysis based DNS Tunneling Detection and Classification with Big Data Technologies.

B Yu, L Smith, M Threefoot, FG Olumofin - IoTBD, 2016 - scitepress.org
Domain Name System (DNS) is ubiquitous in any network. DNS tunnelling is a technique to
transfer data, convey messages or conduct TCP activities over DNS protocol that is typically …

DNS traffic analysis for malicious domains detection

I Ghafir, V Prenosil - 2015 2nd International Conference on …, 2015 - ieeexplore.ieee.org
The web has become the medium of choice for people to search for information, conduct
business, and enjoy entertainment. At the same time, the web has also become the primary …

Cracking wall of confinement: Understanding and analyzing malicious domain takedowns

E Alowaisheq - The Network and Distributed System Security …, 2019 - par.nsf.gov
Take-down operations aim to disrupt cybercrime involving malicious domains. In the past
decade, many successful take-down operations have been reported, including those against …