English
Related papers

Related papers: Detecting DNS Tunnels Using Character Frequency An…

200 papers

In this paper, I explore the potential of network embedding (a.k.a. graph representation learning) to characterize DNS entities in passive network traffic logs. I propose an MF-DNS-E (\underline{M}atrix-\underline{F}actorization-based…

Social and Information Networks · Computer Science 2024-12-02 Meng Qin

DNS tunneling techniques are often used for malicious purposes but network security mechanisms have struggled to detect these. Network forensic analysis has thus been used but has proved slow and effort intensive as Network Forensics…

Cryptography and Security · Computer Science 2017-09-20 Irvin Homem , Panagiotis Papapetrou , Spyridon Dosis

Privacy leaks are an unfortunate and an integral part of the current Internet domain name resolution. Each DNS query generated by a user reveals -- to one or more DNS servers -- the origin and target of that query. Over time, a user's…

Cryptography and Security · Computer Science 2015-03-13 Yanbin Lu , Gene Tsudik

This paper details data science research in the area of Cyber Threat Intelligence applied to a specific type of Distributed Denial of Service (DDoS) attack. We study a DDoS technique prevalent in the Domain Name System (DNS) for which…

Cryptography and Security · Computer Science 2019-07-23 Renée Burton

This paper proposes a defense scheme against malicious use of DNS tunnel. A tunnel validator is designed to provide trustworthy tunnel-aware defensive recursive service. In addition to the detection algorithm of malicious tunnel domains,…

Cryptography and Security · Computer Science 2016-05-05 Zheng Wang

The proliferation of global censorship has led to the development of a plethora of measurement platforms to monitor and expose it. Censorship of the domain name system (DNS) is a key mechanism used across different countries. It is…

Recent work in traffic analysis has shown that traffic patterns leaked through side channels can be used to recover important semantic information. For instance, attackers can find out which website, or which page on a website, a user is…

Cryptography and Security · Computer Science 2011-09-02 Xun Gong , Negar Kiyavash , Nabíl Schear , Nikita Borisov

To maintain the privacy of users' web browsing history, popular browsers encrypt their DNS traffic using the DNS-over-HTTPS (DoH) protocol. Unfortunately, encrypting DNS packets prevents many existing intrusion detection systems from using…

Cryptography and Security · Computer Science 2023-10-18 Sergio Salinas Monroy , Aman Kumar Gupta , Garrett Wahlstedt

Modern botnets rely on domain-generation algorithms (DGAs) to build resilient command-and-control infrastructures. Recent works focus on recognizing automatically generated domains (AGDs) from DNS traffic, which potentially allows to…

Cryptography and Security · Computer Science 2013-11-25 Stefano Schiavoni , Federico Maggi , Lorenzo Cavallaro , Stefano Zanero

Both enterprise and national firewalls filter network connections. For data forensics and botnet removal applications, it is important to establish the information source. In this paper, we describe a data transport layer which allows a…

Cryptography and Security · Computer Science 2017-04-04 Yu Fu , Zhe Jia , Lu Yu , Xingsi Zhong , Richard Brooks

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by--the still exposed--IP…

Cryptography and Security · Computer Science 2021-06-17 Nguyen Phong Hoang , Arian Akhavan Niaki , Phillipa Gill , Michalis Polychronakis

Signature-based and protocol-based intrusion detection systems (IDS) are employed as means to reveal content-based network attacks. Such systems have proven to be effective in identifying known intrusion attempts and exploits but they fail…

Cryptography and Security · Computer Science 2016-08-22 Fabrizio Angiulli , Luciano Argento , Angelo Furfaro

Current best practices heavily control user permissions on network systems. This effectively mitigates many insider threats regarding the collection and exfiltration of data. Many methods of covert communication involve crafting custom…

Cryptography and Security · Computer Science 2010-04-27 Kenton Born

Deep Neural Networks (DNNs) are commonly used for various traffic analysis problems, such as website fingerprinting and flow correlation, as they outperform traditional (e.g., statistical) techniques by large margins. However, deep neural…

Cryptography and Security · Computer Science 2020-02-18 Milad Nasr , Alireza Bahramali , Amir Houmansadr

In this paper, we present the modular design and implementation of DONUT, a novel tool for identifying software running on a device. Our tool uses a rule-based approach to detect software-specific DNS fingerprints (stored in an easily…

Networking and Internet Architecture · Computer Science 2022-08-16 Sebastian Schäfer , Ulrike Meyer

A safe and secure Domain Name System (DNS) is of paramount importance for the digital economy and society. Malicious activities on the DNS, generally referred to as "DNS abuse" are frequent and severe problems affecting online security and…

Cryptography and Security · Computer Science 2022-12-20 Jan Bayer , Yevheniya Nosyk , Olivier Hureau , Simon Fernandez , Ivett Paulovics , Andrzej Duda , Maciej Korczyński

The Domain Name System (DNS) is essential for the Internet, giving a mechanism to resolve hostnames into Internet Protocol (IP) addresses. DNS is known as the world's largest distributed database that manages hostnames and Internet…

Cryptography and Security · Computer Science 2021-08-31 Hassnain ul hassan , Rizal Mohd Nor , Md Amiruzzaman , Sharyar Wani , Md. Rajibul Islam

Improperly configured domain name system (DNS) servers are sometimes used as packet reflectors as part of a DoS or DDoS attack. Detecting packets created as a result of this activity is logically possible by monitoring the DNS request and…

Networking and Internet Architecture · Computer Science 2021-11-10 Keiichi Shima , Ryo Nakamura , Kazuya Okada , Tomohiro Ishihara , Daisuke Miyamoto , Yuji Sekiya

Encrypted tunneling protocols are widely used. Beyond business and personal uses, malicious actors also deploy tunneling to hinder the detection of Command and Control and data exfiltration. A common approach to maintain visibility on…

Cryptography and Security · Computer Science 2022-01-26 Johan Mazel , Matthieu Saudrais , Antoine Hervieu

Recent advances in learning Deep Neural Network (DNN) architectures have received a great deal of attention due to their ability to outperform state-of-the-art classifiers across a wide range of applications, with little or no feature…

Cryptography and Security · Computer Science 2018-04-03 Se Eun Oh , Saikrishna Sunkam , Nicholas Hopper