A survey on DNS encryption: Current development, malware misuse, and inference techniques

M Lyu, HH Gharakheili, V Sivaraman - ACM Computing Surveys, 2022 - dl.acm.org
The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol
(IP) addresses plays a foundational role in Internet communications. By default, DNS …

Domain name system security and privacy: A contemporary survey

A Khormali, J Park, H Alasmary, A Anwar, M Saad… - Computer Networks, 2021 - Elsevier
The Domain Name System (DNS) is one of the most important components of
today's Internet, and is the standard naming convention between human-readable domain …

PREDATOR: proactive recognition and elimination of domain abuse at time-of-registration

S Hao, A Kantchelian, B Miller, V Paxson… - Proceedings of the 2016 …, 2016 - dl.acm.org
Miscreants register thousands of new domains every day to launch Internet-scale attacks,
such as spam, phishing, and drive-by downloads. Quickly and accurately determining a …

DNS tunnels detection via DNS-images

G D'Angelo, A Castiglione, F Palmieri - Information Processing & …, 2022 - Elsevier
DNS tunneling is a typical attack adopted by cyber-criminals to compromise victims' devices,
steal sensitive data, or perform fraudulent actions against third parties without their …

Summary of DNS over HTTPS abuse

K Hynek, D Vekshin, J Luxemburk, T Cejka… - IEEE …, 2022 - ieeexplore.ieee.org
The Internet Engineering Task Force adopted the DNS over HTTPS protocol in 2018 to
remediate privacy issues regarding the plain text transmission of the DNS protocol …

DNS tunneling detection by cache-property-aware features

N Ishikura, D Kondo, V Vassiliades… - … on Network and …, 2021 - ieeexplore.ieee.org
Many enterprises are under threat of targeted attacks aiming at data exfiltration. To launch
such attacks, in recent years, attackers with their malware have exploited a covert channel …

FECC: DNS tunnel detection model based on CNN and clustering

J Liang, S Wang, S Zhao, S Chen - Computers & Security, 2023 - Elsevier
As the basic service of the network, the Domain Name System (DNS) is almost never
blocked by the firewall. DNS tunnel takes advantage of this feature of DNS service to …

Bitter harvest: Systematically fingerprinting low- and medium-interaction honeypots at internet scale

A Vetterl, R Clayton - 12th USENIX Workshop on Offensive Technologies …, 2018 - usenix.org
The current generation of low- and medium interaction honeypots uses off-the-shelf libraries
to provide the transport layer. We show that this architecture is fatally flawed because the …

Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery

H Zhang, DD Yao, N Ramakrishnan - … of the 9th ACM symposium on …, 2014 - dl.acm.org
Studies show that a significant portion of networked computers are infected with stealthy
malware. Infection allows remote attackers to control, utilize, or spy on victim machines …

Causality reasoning about network events for detecting stealthy malware activities

H Zhang, DD Yao, N Ramakrishnan, Z Zhang - Computers & Security, 2016 - Elsevier
Malicious software activities have become more and more clandestine, making them
challenging to detect. Existing security solutions rely heavily on the recognition of known …