English
Related papers

Related papers: Domainator: Detecting and Identifying DNS-Tunnelin…

200 papers

Nowadays, malware increasingly uses DNS-based covert channels in order to evade detection and maintain stealthy communication with its command-and-control servers. While prior work has focused on detecting such activity, identifying…

Cryptography and Security · Computer Science 2025-11-26 Pascal Ruffing , Denis Petrov , Sebastian Zillien , Steffen Wendzel

In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection…

Cryptography and Security · Computer Science 2018-06-19 Asaf Nadler , Avi Aminov , Asaf Shabtai

Detecting Domain Name System (DNS) tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on…

Cryptography and Security · Computer Science 2025-07-15 Novruz Amirov , Baran Isik , Bilal Ihsan Tuncer , Serif Bahtiyar

Domain Name Service is a trusted protocol made for name resolution, but during past years some approaches have been developed to use it for data transfer. DNS Tunneling is a method where data is encoded inside DNS queries, allowing…

Cryptography and Security · Computer Science 2020-06-16 Franco Palau , Carlos Catania , Jorge Guerra , Sebastian Garcia , Maria Rigaki

Malware is one of the most common and severe cyber-attack today. Malware infects millions of devices and can perform several malicious activities including mining sensitive data, encrypting data, crippling system performance, and many more.…

Cryptography and Security · Computer Science 2024-01-30 Pascal Maniriho , Abdun Naser Mahmood , Mohammad Jabed Morshed Chowdhury

The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol (IP) addresses plays a foundational role for Internet communications. By default, DNS queries and responses are exchanged in unencrypted plaintext, and…

Cryptography and Security · Computer Science 2024-07-08 Minzhao Lyu , Hassan Habibi Gharakheili , Vijay Sivaraman

The problem of malicious software (malware) detection and classification is a complex task, and there is no perfect approach. There is still a lot of work to be done. Unlike most other research areas, standard benchmarks are difficult to…

Cryptography and Security · Computer Science 2024-07-30 Ahmed Bensaoud , Jugal Kalita , Mahmoud Bensaoud

Modern malware families often rely on domain-generation algorithms (DGAs) to determine rendezvous points to their command-and-control server. Traditional defence strategies (such as blacklisting domains or IP addresses) are inadequate…

Cryptography and Security · Computer Science 2017-09-22 Pierre Lison , Vasileios Mavroeidis

Analysing malware is important to understand how malicious software works and to develop appropriate detection and prevention methods. Dynamic analysis can overcome evasion techniques commonly used to bypass static analysis and provide…

Cryptography and Security · Computer Science 2023-10-30 Baskoro Adi Pratomo , Toby Jackson , Pete Burnap , Andrew Hood , Eirini Anthi

One of the major and serious threats that the Internet faces today is the vast amounts of data and files which need to be evaluated for potential malicious intent. Malicious software, often referred to as a malware that are designed by…

Cryptography and Security · Computer Science 2020-07-01 Sajedul Talukder

High-bandwidth covert channels pose significant risks to sensitive and proprietary information inside company networks. Domain Name System (DNS) tunnels provide a means to covertly infiltrate and exfiltrate large amounts of information…

Cryptography and Security · Computer Science 2010-04-27 Kenton Born , David Gustafson

Malicious domains are one of the major resources required for adversaries to run attacks over the Internet. Due to the important role of the Domain Name System (DNS), extensive research has been conducted to identify malicious domains based…

Cryptography and Security · Computer Science 2018-12-04 Yury Zhauniarovich , Issa Khalil , Ting Yu , Marc Dacier

The Domain Name System (DNS) is a core Internet service that translates domain names into IP addresses. It is a distributed database and protocol with many known weaknesses that subject to countless attacks including spoofing attacks,…

Cryptography and Security · Computer Science 2022-11-16 Alshaima Almarzooqi , Jawahir Mahmoud , Bayena Alzaabi , Arsiema Ghebremichael , Monther Aldwairi

Detection of malware-infected computers and detection of malicious web domains based on their encrypted HTTPS traffic are challenging problems, because only addresses, timestamps, and data volumes are observable. The detection problems are…

Machine Learning · Computer Science 2019-06-24 Paul Prasse , Rene Knaebel , Lukas Machlica , Tomas Pevny , Tobias Scheffer

This paper details data science research in the area of Cyber Threat Intelligence applied to a specific type of Distributed Denial of Service (DDoS) attack. We study a DDoS technique prevalent in the Domain Name System (DNS) for which…

Cryptography and Security · Computer Science 2019-07-23 Renée Burton

This paper proposes a defense scheme against malicious use of DNS tunnel. A tunnel validator is designed to provide trustworthy tunnel-aware defensive recursive service. In addition to the detection algorithm of malicious tunnel domains,…

Cryptography and Security · Computer Science 2016-05-05 Zheng Wang

A covert attack method often used by APT organizations is the DNS tunnel, which is used to pass information by constructing C2 networks. And they often use the method of frequently changing domain names and server IP addresses to evade…

Networking and Internet Architecture · Computer Science 2022-07-15 Xin Ma , Shize Guo , Zhisong Pan , Bin Liu , Kaolin Jiang , Ming Chen , Shijiao Tang

Our computer systems for decades have been threatened by various types of hardware and software attacks of which Malwares have been one of them. This malware has the ability to steal, destroy, contaminate, gain unintended access, or even…

Cryptography and Security · Computer Science 2021-04-15 Abhijitt Dhavlle , Sanket Shukla

Current malware detection and classification approaches generally rely on time consuming and knowledge intensive processes to extract patterns (signatures) and behaviors from malware, which are then used for identification. Moreover, these…

Cryptography and Security · Computer Science 2018-07-24 Quan Le , Oisín Boydell , Brian Mac Namee , Mark Scanlon

With the increasing extent of malware attacks in the present day along with the difficulty in detecting modern malware, it is necessary to evaluate the effectiveness and performance of Deep Neural Networks (DNNs) for malware classification.…

Cryptography and Security · Computer Science 2023-10-12 Akhil M R , Adithya Krishna V Sharma , Harivardhan Swamy , Pavan A , Ashray Shetty , Anirudh B Sathyanarayana
‹ Prev 1 2 3 10 Next ›