English
Related papers

Related papers: A Covert Data Transport Protocol

200 papers
DNS Tunneling: A Deep Learning based Lexicographical Detection Approach

Domain Name Service is a trusted protocol made for name resolution, but during past years some approaches have been developed to use it for data transfer. DNS Tunneling is a method where data is encoded inside DNS queries, allowing…

Cryptography and Security · Computer Science 2020-06-16 Franco Palau , Carlos Catania , Jorge Guerra , Sebastian Garcia , Maria Rigaki
Browser-Based Covert Data Exfiltration

Current best practices heavily control user permissions on network systems. This effectively mitigates many insider threats regarding the collection and exfiltration of data. Many methods of covert communication involve crafting custom…

Cryptography and Security · Computer Science 2010-04-27 Kenton Born
Encrypted and Covert DNS Queries for Botnets: Challenges and Countermeasures

There is a continuous increase in the sophistication that modern malware exercise in order to bypass the deployed security mechanisms. A typical approach to evade the identification and potential takedown of a botnet command and control…

Cryptography and Security · Computer Science 2019-09-17 Constantinos Patsakis , Fran Casino , Vasilios Katos
A Survey on DNS Encryption: Current Development, Malware Misuse, and Inference Techniques

The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol (IP) addresses plays a foundational role for Internet communications. By default, DNS queries and responses are exchanged in unencrypted plaintext, and…

Cryptography and Security · Computer Science 2024-07-08 Minzhao Lyu , Hassan Habibi Gharakheili , Vijay Sivaraman
Encrypted DNS --> Privacy? A Traffic Analysis Perspective

Virtually every connection to an Internet service is preceded by a DNS lookup which is performed without any traffic-level protection, thus enabling manipulation, redirection, surveillance, and censorship. To address these issues, large…

Cryptography and Security · Computer Science 2019-10-08 Sandra Siby , Marc Juarez , Claudia Diaz , Narseo Vallina-Rodriguez , Carmela Troncoso
Exploiting Statistical and Structural Features for the Detection of Domain Generation Algorithms

Nowadays, malware campaigns have reached a high level of sophistication, thanks to the use of cryptography and covert communication channels over traditional protocols and services. In this regard, a typical approach to evade botnet…

Cryptography and Security · Computer Science 2021-01-25 Constantinos Patsakis , Fran Casino
Tracking and Characterizing Botnets Using Automatically Generated Domains

Modern botnets rely on domain-generation algorithms (DGAs) to build resilient command-and-control infrastructures. Recent works focus on recognizing automatically generated domains (AGDs) from DNS traffic, which potentially allows to…

Cryptography and Security · Computer Science 2013-11-25 Stefano Schiavoni , Federico Maggi , Lorenzo Cavallaro , Stefano Zanero
DNS Tunneling: Threat Landscape and Improved Detection Solutions

Detecting Domain Name System (DNS) tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on…

Cryptography and Security · Computer Science 2025-07-15 Novruz Amirov , Baran Isik , Bilal Ihsan Tuncer , Serif Bahtiyar
Inline Detection of DGA Domains Using Side Information

Malware applications typically use a command and control (C&C) server to manage bots to perform malicious activities. Domain Generation Algorithms (DGAs) are popular methods for generating pseudo-random domain names that can be used to…

Cryptography and Security · Computer Science 2020-03-13 Raaghavi Sivaguru , Jonathan Peck , Femi Olumofin , Anderson Nascimento , Martine De Cock
Privacy Preserving Passive DNS

The Domain Name System (DNS) was created to resolve the IP addresses of the web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has…

Cryptography and Security · Computer Science 2020-08-17 Pavlos Papadopoulos , Nikolaos Pitropakis , William J. Buchanan , Owen Lo , Sokratis Katsikas
DNS-GT: A Graph-based Transformer Approach to Learn Embeddings of Domain Names from DNS Queries

Network intrusion detection systems play a crucial role in the security strategy employed by organisations to detect and prevent cyberattacks. Such systems usually combine pattern detection signatures with anomaly detection techniques…

Cryptography and Security · Computer Science 2026-03-13 Massimiliano Altieri , Ronan Hamon , Roberto Corizzo , Michelangelo Ceci , Ignacio Sanchez
A Lightweight Adaptable DNS Channel for Covert Data Transmission

Due to the vital role of security in online communications and this fact that attackers are developing their tools, modernizing the security tools is an essential. The efficiency of crypto systems has been proven after years, however one…

Cryptography and Security · Computer Science 2020-04-01 Mahboubeh Nazari , Sousan Tarahomi , Sobhan Aliabady
Sharing FANCI Features: A Privacy Analysis of Feature Extraction for DGA Detection

The goal of Domain Generation Algorithm (DGA) detection is to recognize infections with bot malware and is often done with help of Machine Learning approaches that classify non-resolving Domain Name System (DNS) traffic and are trained on…

Cryptography and Security · Computer Science 2021-10-13 Benedikt Holmes , Arthur Drichel , Ulrike Meyer
Defending Root DNS Servers Against DDoS Using Layered Defenses

Distributed Denial-of-Service (DDoS) attacks exhaust resources, leaving a server unavailable to legitimate clients. The Domain Name System (DNS) is a frequent target of DDoS attacks. Since DNS is a critical infrastructure service,…

Cryptography and Security · Computer Science 2022-09-16 A S M Rizvi , Jelena Mirkovic , John Heidemann , Wesley Hardaker , Robert Story
Command & Control (C2) Traffic Detection Via Algorithm Generated Domain (Dga) Classification Using Deep Learning And Natural Language Processing

The sophistication of modern malware, specifically regarding communication with Command and Control (C2) servers, has rendered static blacklist-based defenses obsolete. The use of Domain Generation Algorithms (DGA) allows attackers to…

Machine Learning · Computer Science 2025-12-10 Maria Milena Araujo Felix
DRIFT: Drift-Resilient Invariant-Feature Transformer for DGA Detection

Domain Generation Algorithms (DGAs) evolve continuously to evade botnet detection, posing a persistent challenge for dependable network defense. While deep learning-based detectors achieve strong performance under static conditions, they…

Cryptography and Security · Computer Science 2026-05-12 Chaeyoung Lee , Chaeri Jung , Seonghoon Jeong
CONDENSER: A Graph-Based Approachfor Detecting Botnets

Botnets represent a global problem and are responsible for causing large financial and operational damage to their victims. They are implemented with evasion in mind, and aim at hiding their architecture and authors, making them difficult…

Cryptography and Security · Computer Science 2014-11-03 Pedro Camelo , Joao Moura , Ludwig Krippahl
Detection of Malicious and Low Throughput Data Exfiltration Over the DNS Protocol

In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection…

Cryptography and Security · Computer Science 2018-06-19 Asaf Nadler , Avi Aminov , Asaf Shabtai
Detection of Malicious DNS-over-HTTPS Traffic: An Anomaly Detection Approach using Autoencoders

To maintain the privacy of users' web browsing history, popular browsers encrypt their DNS traffic using the DNS-over-HTTPS (DoH) protocol. Unfortunately, encrypting DNS packets prevents many existing intrusion detection systems from using…

Cryptography and Security · Computer Science 2023-10-18 Sergio Salinas Monroy , Aman Kumar Gupta , Garrett Wahlstedt
Detecting Compressed Cleartext Traffic from Consumer Internet of Things Devices

Data encryption is the primary method of protecting the privacy of consumer device Internet communications from network observers. The ability to automatically detect unencrypted data in network traffic is therefore an essential tool for…

Cryptography and Security · Computer Science 2018-05-09 Daniel Hahn , Noah Apthorpe , Nick Feamster
‹ Prev 1 2 3 10 Next ›