English
Related papers

Related papers: A Pipeline for DNS-Based Software Fingerprinting

200 papers

Detecting Domain Name System (DNS) tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on…

Cryptography and Security · Computer Science 2025-07-15 Novruz Amirov , Baran Isik , Bilal Ihsan Tuncer , Serif Bahtiyar

In recent years, malware with tunneling (or: covert channel) capabilities is on the rise. While malware research led to several methods and innovations, the detection and differentiation of malware solely based on its DNS tunneling features…

Cryptography and Security · Computer Science 2025-11-20 Denis Petrov , Pascal Ruffing , Sebastian Zillien , Steffen Wendzel

It is generally recognized that the traffic generated by an individual connected to a network acts as his biometric signature. Several tools exploit this fact to fingerprint and monitor users. Often, though, these tools assume to access the…

Cryptography and Security · Computer Science 2014-02-11 Nino Vincenzo Verde , Giuseppe Ateniese , Emanuele Gabrielli , Luigi Vincenzo Mancini , Angelo Spognardi

DONUT is a database of papers about practical, real-world uses of Topological Data Analysis (TDA). Its original seed was planted in a group chat formed during the HIM Spring School on Applied and Computational Algebraic Topology in April…

Digital Libraries · Computer Science 2023-04-26 Barbara Giunti , Jānis Lazovskis , Bastian Rieck

Keyword spotting--or wakeword detection--is an essential feature for hands-free operation of modern voice-controlled devices. With such devices becoming ubiquitous, users might want to choose a personalized custom wakeword. In this work, we…

Machine Learning · Computer Science 2018-11-28 Loren Lugosch , Samuel Myer , Vikrant Singh Tomar

Software Defined Networking (SDN) has become a new paradigm in computer networking, introducing a decoupled architecture that separates the network into the data plane and the control plane. The control plane acts as the centralized brain,…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Georgiana Caltais , Mahboobeh Zangiabady , Ervin Zvirbulis

Detecting covert channels among legitimate traffic represents a severe challenge due to the high heterogeneity of networks. Therefore, we propose an effective covert channel detection method, based on the analysis of DNS network data…

Cryptography and Security · Computer Science 2020-10-06 Salvatore Saeli , Federica Bisio , Pierangelo Lombardo , Danilo Massa

Domain Name Service is a trusted protocol made for name resolution, but during past years some approaches have been developed to use it for data transfer. DNS Tunneling is a method where data is encoded inside DNS queries, allowing…

Cryptography and Security · Computer Science 2020-06-16 Franco Palau , Carlos Catania , Jorge Guerra , Sebastian Garcia , Maria Rigaki

Software-defined networking (SDN) eases network management by centralizing the control plane and separating it from the data plane. The separation of planes in SDN, however, introduces new vulnerabilities in SDN networks since the…

Cryptography and Security · Computer Science 2015-12-22 Heng Cui , Ghassan O. Karame , Felix Klaedtke , Roberto Bifulco

In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection…

Cryptography and Security · Computer Science 2018-06-19 Asaf Nadler , Avi Aminov , Asaf Shabtai

The purpose of this project is to assess how well defenders can detect DNS-over-HTTPS (DoH) file exfiltration, and which evasion strategies can be used by attackers. While providing a reproducible toolkit to generate, intercept and analyze…

Cryptography and Security · Computer Science 2025-12-24 Adam Elaoumari

Today's routing protocols critically rely on the assumption that the underlying hardware is trusted. Given the increasing number of attacks on network devices, and recent reports on hardware backdoors this assumption has become…

Networking and Internet Architecture · Computer Science 2017-05-02 Kashyap Thimmaraju , Liron Schiff , Stefan Schmid

Dynamic taint analysis (DTA) is widely used by various applications to track information flow during runtime execution. Existing DTA techniques use rule-based taint-propagation, which is neither accurate (i.e., high false positive) nor…

Cryptography and Security · Computer Science 2019-09-04 Dongdong She , Yizheng Chen , Abhishek Shah , Baishakhi Ray , Suman Jana

Browser fingerprinting aims to identify users or their devices, through scripts that execute in the users' browser and collect information on software or hardware characteristics. It is used to track users or as an additional means of…

Software-Defined Networking (SDN) controllers are considered as Network Operating Systems (NOSs) and often viewed as a single point of failure. Detecting which SDN controller is managing a target network is a big step for an attacker to…

Networking and Internet Architecture · Computer Science 2017-05-03 Abdelhadi Azzouni , Othmen Braham , Nguyen Thi Mai Trang , Guy Pujolle , Raouf Boutaba

A covert attack method often used by APT organizations is the DNS tunnel, which is used to pass information by constructing C2 networks. And they often use the method of frequently changing domain names and server IP addresses to evade…

Networking and Internet Architecture · Computer Science 2022-07-15 Xin Ma , Shize Guo , Zhisong Pan , Bin Liu , Kaolin Jiang , Ming Chen , Shijiao Tang

In this paper, we propose an approach that relies on distributed traffic generation and monitoring to identify the operational data-paths in a given Software Defined Networking (SDN) driven data-plane. We show that under certain…

Networking and Internet Architecture · Computer Science 2019-06-10 José Reyes , Jorge López , Djamal Zeghlache

We present an application of Artificial Intelligence techniques to the field of Information Security. The problem of remote Operating System (OS) Detection, also called OS Fingerprinting, is a crucial step of the penetration testing…

Cryptography and Security · Computer Science 2010-06-16 Javier Burroni , Carlos Sarraute

In this paper, we present MORTON, a method that identifies compromised devices in enterprise networks based on the existence of routine DNS communication between devices and disreputable host names. With its compact representation of the…

Cryptography and Security · Computer Science 2021-01-22 Yael Daihes , Hen Tzaban , Asaf Nadler , Asaf Shabtai

This paper introduces NeuRoute, a dynamic routing framework for Software Defined Networks (SDN) entirely based on machine learning, specifically, Neural Networks. Current SDN/OpenFlow controllers use a default routing based on Dijkstra…

Networking and Internet Architecture · Computer Science 2017-09-19 Abdelhadi Azzouni , Raouf Boutaba , Guy Pujolle
‹ Prev 1 2 3 10 Next ›