DNS tunneling detection through statistical fingerprints of protocol messages and machine learning
Author: | Gianluca Papaleo, Maurizio Aiello, Maurizio Mongelli |
---|---|
Year of publication: | 2014 |
Subject: | Computer Networks and Communications; business.industry; Computer science; Domain Name System; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Supervised learning; Intrusion detection system; Machine learning; computer.software_genre; Security policy; Computer security; Artificial intelligence; Electrical and Electronic Engineering; business; Proxy (statistics); computer; Protocol (object-oriented programming); Computer network |
Source: | International Journal of Communication Systems. 28:1987-2002 |
ISSN: | 1074-5351 |
DOI: | 10.1002/dac.2836 |
Description: | The use of covert-channel methods to bypass security policies has increased considerably in recent years. Malicious users neutralize security restrictions by encapsulating protocols like peer-to-peer, chat or HTTP proxy into other allowed protocols like Domain Name Server (DNS) or HTTP. This paper illustrates a machine learning approach to detect one particular covert-channel technique: DNS tunneling. |
Database: | OpenAIRE |
External link: |