Detection DNS Tunneling Botnets

Cited by: 5
Authors
Savenko, Bohdan [1 ]
Lysenko, Sergii [1 ]
Bobrovnikova, Kira [1 ]
Savenko, Oleg [1 ]
Markowsky, George [2 ]
Affiliations
[1] Khmelnitsky Natl Univ, Khmelnitsky, Ukraine
[2] Missouri Univ Sci & Technol, Rolla, MO USA
Keywords
malware; botnet; botnet detection; DNS; DNS tunneling attacks; networks; classifier; network security; GAME MODEL;
DOI
10.1109/IDAACS53288.2021.9661022
Chinese Library Classification (CLC) number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Botnets are often used in cyberattacks on network services and individual users, so the ability to detect botnets is very important. Botnets use DNS tunneling to send malicious command-and-control (C&C) commands to victims' hosts. Unfortunately, DNS tunneling attacks are very hard to detect. The paper presents a new approach for DNS tunneling botnet detection, which considers all the features and architectural characteristics of botnets. The technique described in this paper is highly efficient at detecting DNS tunneling attacks.
Pages: 64 - 69
Number of pages: 6
Related papers
50 in total
  • [21] Deep Learning Based DNS Tunneling Detection and Blocking System
    Altuncu, Mehmet Ali
    Gulagiz, Fidan Kaya
    Ozcan, Hikmetcan
    Bayir, Omer Faruk
    Gezgin, Alperen
    Niyazov, Ata
    Cavuslu, Mehmet Ali
    Sahin, Suhap
    ADVANCES IN ELECTRICAL AND COMPUTER ENGINEERING, 2021, 21 (03) : 39 - 48
  • [22] DNS Tunneling Detection by Cache-Property-Aware Features
    Ishikura, Naotake
    Kondo, Daishi
    Vassiliades, Vassilis
    Iordanov, Iordan
    Tode, Hideki
    IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2021, 18 (02) : 1203 - 1217
  • [23] Cache-Property-Aware Features for DNS Tunneling Detection
    Ishikura, Naotake
    Kondo, Daishi
    Iordanov, Iordan
    Vassiliades, Vassilis
    Tode, Hideki
    2020 23RD CONFERENCE ON INNOVATION IN CLOUDS, INTERNET AND NETWORKS AND WORKSHOPS (ICIN 2020), 2020, : 216 - 220
  • [24] A Rule-based Approach to Detect Botnets based on DNS
    Alieyan, Kamal
    Almomani, Ammar
    Abdullah, Rosni
    Anbar, Mohammed
    2018 8TH IEEE INTERNATIONAL CONFERENCE ON CONTROL SYSTEM, COMPUTING AND ENGINEERING (ICCSCE 2018), 2018, : 115 - 120
  • [25] Adversarial Defense: DGA-Based Botnets and DNS Homographs Detection Through Integrated Deep Learning
    Ravi, Vinayakumar
    Alazab, Mamoun
    Srinivasan, Sriram
    Arunachalam, Ajay
    Soman, K. P.
    IEEE TRANSACTIONS ON ENGINEERING MANAGEMENT, 2023, 70 (01) : 249 - 266
  • [26] TI-16 DNS Labeled Dataset for Detecting Botnets
    Singh, Manmeet
    Singh, Maninder
    Kaur, Sanmeet
    IEEE ACCESS, 2023, 11 : 62616 - 62629
  • [27] DNS Tunneling Detection Method Based on Multilabel Support Vector Machine
    Almusawi, Ahmed
    Amintoosi, Haleh
    SECURITY AND COMMUNICATION NETWORKS, 2018,
  • [28] On the detection and identification of botnets
    Seewald, Alexander K.
    Gansterer, Wilfried N.
    COMPUTERS & SECURITY, 2010, 29 (01) : 45 - 58
  • [29] Lightweight Detection of Spamming Botnets
    Takesue, Masaru
    PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON EMERGING SECURITY INFORMATION, SYSTEMS AND TECHNOLOGIES (SECURWARE 2011), 2011, : 1 - 6
  • [30] Real-Time Detection of DNS Exfiltration and Tunneling from Enterprise Networks
    Ahmed, Jawad
    Gharakheili, Hassan Habibi
    Raza, Qasim
    Russell, Craig
    Sivaraman, Vijay
    2019 IFIP/IEEE SYMPOSIUM ON INTEGRATED NETWORK AND SERVICE MANAGEMENT (IM), 2019, : 649 - 653