Detection DNS Tunneling Botnets

Cited by: 5
Authors
Savenko, Bohdan [1 ]
Lysenko, Sergii [1 ]
Bobrovnikova, Kira [1 ]
Savenko, Oleg [1 ]
Markowsky, George [2 ]
Affiliations
[1] Khmelnitsky Natl Univ, Khmelnitsky, Ukraine
[2] Missouri Univ Sci & Technol, Rolla, MO USA
Keywords
malware; botnet; botnet detection; DNS; DNS tunneling attacks; networks; classifier; network security; GAME MODEL;
DOI
10.1109/IDAACS53288.2021.9661022
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Botnets are often used in cyberattacks on network services and individual users, so the ability to detect botnets is very important. Botnets use DNS tunneling to send malicious command-and-control (C&C) commands to victims' hosts. Unfortunately, DNS tunneling attacks are very hard to detect. The paper presents a new approach for DNS tunneling botnet detection, which considers all the features and architectural characteristics of botnets. The technique described in this paper is highly efficient at detecting DNS tunneling attacks.
Pages: 64 - 69
Number of pages: 6
Related papers
50 in total
  • [1] Botnets Detection in DNS logs using machine learning
    Fernandez-Pena, Felix
    Zurita-Amores, Adrian
    2019 14TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI), 2019,
  • [2] BotScoop: Scalable detection of DGA based botnets using DNS traffic
    Khehra, Gulbadan
    Sofat, Sanjeev
    2018 9TH INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATION AND NETWORKING TECHNOLOGIES (ICCCNT), 2018,
  • [3] Detection of fast-flux botnets through DNS traffic analysis
    Soltanaghaei, E.
    Kharrazi, M.
    SCIENTIA IRANICA, 2015, 22 (06) : 2389 - 2400
  • [4] DNS-based Anti-evasion Technique for Botnets Detection
    Lysenko, Sergii
    Pomorova, Oksana
    Savenko, Oleg
    Kryshchuk, Andrii
    Bobrovnikova, Kira
    2015 IEEE 8TH INTERNATIONAL CONFERENCE ON INTELLIGENT DATA ACQUISITION AND ADVANCED COMPUTING SYSTEMS: TECHNOLOGY AND APPLICATIONS (IDAACS), VOLS 1-2, 2015, : 453 - 458
  • [5] DGA-based botnets detection using DNS traffic mining
    Manasrah, Ahmed M.
    Khdour, Thair
    Freehat, Raeda
    JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES, 2022, 34 (05) : 2045 - 2061
  • [6] DNS tunneling Detection Using Elasticsearch
    Sani, A. F.
    Setiawan, M. A.
    3RD INTERNATIONAL CONFERENCE ON ENGINEERING TECHNOLOGY FOR SUSTAINABLE DEVELOPMENT (ICET4SD), 2020, 722
  • [7] Basic Classifiers for DNS Tunneling Detection
    Aiello, Maurizio
    Mongelli, Maurizio
    Papaleo, Gianluca
    2013 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), 2013,
  • [8] Detection of Exfiltration and Tunneling over DNS
    Das, Anirban
    Shen, Min-Yi
    Shashanka, Madhu
    Wang, Jisheng
    2017 16TH IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLICATIONS (ICMLA), 2017, : 737 - 742
  • [9] Identifying botnets using anomaly detection techniques applied to DNS traffic
    Villamarin-Salomon, Ricardo
    Brustoloni, Jose Carlos
    2008 5TH IEEE CONSUMER COMMUNICATIONS AND NETWORKING CONFERENCE, VOLS 1-3, 2008, : 476 - 481
  • [10] Anti-evasion Technique for the Botnets Detection Based on the Passive DNS Monitoring and Active DNS Probing
    Pomorova, Oksana
    Savenko, Oleg
    Lysenko, Sergii
    Kryshchuk, Andrii
    Bobrovnikova, Kira
    COMPUTER NETWORKS, CN 2016, 2016, 608 : 83 - 95