KRTunnel: DNS channel detector for mobile devices

被引：10

作者：

Wang, Senmiao ^{[1
]}

Sun, Luli ^{[1
]}

Qin, Sujuan ^{[1
]}

Li, WenMin ^{[1
]}

Liu, Wentao ^{[1
]}

机构：

[1] Beijing Univ Posts & Telecommun, State Key Lab Networking & Switching Technol, Beijing 100876, Peoples R China

来源：

COMPUTERS & SECURITY | 2022年 / 120卷

关键词：

DNS tunnel detection; DNS response; Isolated forest; Android; Network security;

D O I：

10.1016/j.cose.2022.102818

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Nowadays, DNS channel attacks on mobile devices have become a challenging threat. Attackers usually attack mobile devices and steal information with the help of DNS channel. It is difficult for users to de-tect this kind of attack, especially when attackers covert sensitive information in the DNS response. In this paper, we proposed a method for DNS tunnel detection based on isolated forest for Android. We constructed a framework for mobile devices to collect DNS tunnel traffic. Based on the analysis of DNS tunnel traffic generated on mobile devices, we extracted features based on DNS request and response and constructed the feature set. We proposed a DNS tunnel detector, KRTunnel, for mobile devices. Experi-ments showed that KRTunnel can identify unseen DNS tunnel traffic with the accuracy of 98.1%.(c) 2022 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )

引用

页数：10

共 50 条

[31] Channel-aware video streaming for mobile devices over WiBro network
Jeong, Jae-Yun
Kim, Soo-Hyung
Baek, Seung-Jin
Kim, Hye-Soo
Ko, Sung-Jea
2008 DIGEST OF TECHNICAL PAPERS INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS, 2008, : 430 - +
[32] Group-oriented channel protection for mobile devices in digital multimedia broadcasting
Kim, WH
Yoo, KY
COMPUTER AND INFORMATION SCIENCES - ISCIS 2005, PROCEEDINGS, 2005, 3733 : 103 - 112
[33] Dual-channel spectral weighting for robust speech recognition in mobile devices
Lopez-Espejo, Ivan
Peinado, Antonio M.
Gomez, Angel M.
Gonzalez, Jose A.
DIGITAL SIGNAL PROCESSING, 2018, 75 : 13 - 24
[34] Supporting mobile connectivity: from learning scenarios to multi-channel devices
Rouillard, Jose
Peter, Yvan
Tarby, Jean-Claude
Vantroys, Thomas
Chevrin, Vincent
INTERNATIONAL JOURNAL OF CONTINUING ENGINEERING EDUCATION AND LIFE-LONG LEARNING, 2008, 18 (04) : 396 - 410
[35] Indoor Positioning System Using WLAN Channel Estimates as Fingerprints for Mobile Devices
Schmidt, Erick
Akopian, David
MOBILE DEVICES AND MULTIMEDIA: ENABLING TECHNOLOGIES, ALGORITHMS, AND APPLICATIONS 2015, 2015, 9411
[36] DNSNA: DNS Name Autoconfiguration for Internet of Things Devices
Lee, Sejun
Jeong, Jaehoon
Park, Jung-Soo
2016 18TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATIONS TECHNOLOGY (ICACT) - INFORMATION AND COMMUNICATIONS FOR SAFE AND SECURE LIFE, 2016, : 410 - 416
[37] Mobile Arrhythmia Detector
Borodin, Alexander
Zavyalova, Yuliya
PROCEEDINGS OF THE 11TH CONFERENCE OF OPEN INNOVATIONS ASSOCIATION FRUCT, 2012, : 184 - 185
[38] Mobile devices
不详
FORTUNE, 2001, 143 (13) : 157 - 157
[39] Mobile Devices
不详
TECHNOLOGY REVIEW, 2011, 114 (03) : 71 - 79
[40] Study of DNS Rebinding Attacks on Smart Home Devices
Tatang, Dennis
Suurland, Tim
Holz, Thorsten
COMPUTER SECURITY, ESORICS 2019, 2020, 11980 : 391 - 401

← 1 2 3 4 5 →