[HTML][HTML] A lightweight double-stage scheme to identify malicious DNS over HTTPS traffic using a hybrid learning approach
The Domain Name System (DNS) protocol essentially translates domain names to IP
addresses, enabling browsers to load and utilize Internet resources. Despite its major role …
addresses, enabling browsers to load and utilize Internet resources. Despite its major role …
Dns over https detection using standard flow telemetry
The aim of DNS over HTTPS (DoH) is to enhance users' privacy by encrypting DNS.
However, it also enables adversaries to bypass security mechanisms that rely on inspecting …
However, it also enables adversaries to bypass security mechanisms that rely on inspecting …
[HTML][HTML] Real-time detection system for data exfiltration over DNS tunneling using machine learning
The domain name system (DNS) plays a vital role in network services for name resolution.
By default, this service is seldom blocked by security solutions. Thus, it has been exploited …
By default, this service is seldom blocked by security solutions. Thus, it has been exploited …
[HTML][HTML] Real time detection of malicious DoH traffic using statistical analysis
The DNS protocol plays a fundamental role in the operation of ubiquitous networks. All
devices connected to these networks need DNS to work, both for traditional domain name to …
devices connected to these networks need DNS to work, both for traditional domain name to …
Unveiling DoH tunnel: Toward generating a balanced DoH encrypted traffic dataset and profiling malicious behavior using inherently interpretable machine learning
Encrypted domain name resolution can reduce the risk of privacy leakage for Internet users.
However, it may also prevent network administrators from detecting suspicious …
However, it may also prevent network administrators from detecting suspicious …
Detecting malicious use of DOH tunnels using statistical traffic analysis
M Moure-Garrido, C Campo… - Proceedings of the 19th …, 2022 - dl.acm.org
DNS plays a fundamental role in the operation of ubiquitous networks. All devices
connected to these networks need DNS to work, both for traditional domain name to IP …
connected to these networks need DNS to work, both for traditional domain name to IP …
[HTML][HTML] FF-MR: a DoH-encrypted DNS covert channel detection method based on feature fusion
Y Wang, C Shen, D Hou, X Xiong, Y Li - Applied Sciences, 2022 - mdpi.com
In this paper, in order to accurately detect Domain Name System (DNS) covert channels
based on DNS over HTTPS (DoH) encryption and to solve the problems of weak single …
based on DNS over HTTPS (DoH) encryption and to solve the problems of weak single …
[PDF][PDF] Malicious Network Traffic Detection for DNS over HTTPS using Machine Learning Algorithms
LFG Casanova, PC Lin - APSIPA Transactions on Signal and …, 2023 - nowpublishers.com
Machine learning is an effective analysis tool to tackle the challenges to detect any
suspicious events in the network traffic flow. In this paper, our major contribution is to …
suspicious events in the network traffic flow. In this paper, our major contribution is to …
[HTML][HTML] Comparative analysis of DNS over HTTPS detectors
DNS over HTTPS (DoH) is a protocol that encrypts DNS traffic to improve user privacy and
security. However, its use also poses challenges for network operators and security analysts …
security. However, its use also poses challenges for network operators and security analysts …
Insights into doh: Traffic classification for dns over https in an encrypted network
In the past few years there has been a growing desire to provide more built in functionality to
protect user communications from eavesdropping. An example of this is DNS over HTTPS …
protect user communications from eavesdropping. An example of this is DNS over HTTPS …