Detection DNS Tunneling Botnets

Cited by: 5
Authors
Savenko, Bohdan [1 ]
Lysenko, Sergii [1 ]
Bobrovnikova, Kira [1 ]
Savenko, Oleg [1 ]
Markowsky, George [2 ]
Affiliations
[1] Khmelnitsky Natl Univ, Khmelnitsky, Ukraine
[2] Missouri Univ Sci & Technol, Rolla, MO USA
Keywords
malware; botnet; botnet detection; DNS; DNS tunneling attacks; networks; classifier; network security; GAME MODEL;
DOI
10.1109/IDAACS53288.2021.9661022
Chinese Library Classification (CLC) number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Botnets are often used in cyberattacks on network services and individual users, so the ability to detect botnets is very important. Botnets use DNS tunneling to send malicious command-and-control (C&C) commands to victims' hosts. Unfortunately, DNS tunneling attacks are very hard to detect. The paper presents a new approach for DNS tunneling botnet detection, which considers all the features and architectural characteristics of botnets. The technique described in this paper is highly efficient at detecting DNS tunneling attacks.
Pages: 64 / 69
Number of pages: 6
Related papers
50 in total
  • [31] DNS tunneling detection through statistical fingerprints of protocol messages and machine learning
    Aiello, M.
    Mongelli, M.
    Papaleo, G.
    INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2015, 28 (14) : 1987 - 2002
  • [32] Behavior Analysis based DNS Tunneling Detection and Classification with Big Data Technologies
    Yu, Bin
    Smith, Les
    Threefoot, Mark
    Olumofin, Femi
    IOTBD: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON INTERNET OF THINGS AND BIG DATA, 2016, : 284 - 290
  • [33] A DNS Tunneling Detection Method Based on Deep Learning Models to Prevent Data Exfiltration
    Zhang, Jiacheng
    Yang, Li
    Yu, Shui
    Ma, Jianfeng
    NETWORK AND SYSTEM SECURITY, NSS 2019, 2019, 11928 : 520 - 535
  • [34] CSR-PTDNG: A Graph Construction Method for DNS Tunneling Domain Names Detection
    Xu, Zhaoyang
    Guan, Zhujie
    Tian, Mengmeng
    2024 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, ISCC 2024, 2024,
  • [35] DBod: Clustering and detecting DGA-based botnets using DNS traffic analysis
    Wang, Tzy-Shiah
    Lin, Hui-Tang
    Cheng, Wei-Tsung
    Chen, Chang-Yu
    COMPUTERS & SECURITY, 2017, 64 : 1 - 15
  • [36] An adaptive framework for the detection of novel botnets
    Cid-Fuentes, Javier Alvarez
    Szabo, Claudia
    Falkner, Katrina
    COMPUTERS & SECURITY, 2018, 79 : 148 - 161
  • [37] Tunneling through DNS over TLS providers
    Melcher, Lukas
    Hynek, Karel
    Cejka, Tomas
    2022 18TH INTERNATIONAL CONFERENCE ON NETWORK AND SERVICE MANAGEMENT (CNSM 2022): INTELLIGENT MANAGEMENT OF DISRUPTIVE NETWORK TECHNOLOGIES AND SERVICES, 2022,
  • [38] Detecting DNS Tunneling Using Ensemble Learning
    Shafieian, Saeed
    Smith, Daniel
    Zulkernine, Mohammad
    NETWORK AND SYSTEM SECURITY, 2017, 10394 : 112 - 127
  • [39] Performance assessment and analysis of DNS tunneling tools
    Aiello, Maurizio
    Merlo, Alessio
    Papaleo, Gianluca
    LOGIC JOURNAL OF THE IGPL, 2013, 21 (04) : 592 - 602
  • [40] A Comparative Performance Evaluation of DNS Tunneling Tools
    Merlo, Alessio
    Papaleo, Gianluca
    Veneziano, Stefano
    Aiello, Maurizio
    COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS, 2011, 6694 : 84 - 91