A comprehensive survey on DNS tunnel detection

Y Wang, A Zhou, S Liao, R Zheng, R Hu, L Zhang - Computer Networks, 2021 - Elsevier
Abstract Domain Name System (DNS) tunnels, established between the controlled host and
master server disguised as the authoritative domain name server, can be used as a secret …

DNS covert channel detection method using the LSTM model

S Chen, B Lang, H Liu, D Li, C Gao - Computers & Security, 2021 - Elsevier
DNS is a kind of basic network protocol that is rarely blocked by firewalls; therefore, it is used
to build covert channels. Malicious DNS covert channels play an important role in data …

DNS tunneling: a review on features

M Sammour, B Hussin, MFI Othman… - … of Engineering & …, 2018 - researchgate.net
One of the significant threats that face the web nowadays is DNS tunneling, which is an
attack that exploits the domain name protocol in order to bypass security gateways. This …

DNS tunneling detection by cache-property-aware features

N Ishikura, D Kondo, V Vassiliades… - … on Network and …, 2021 - ieeexplore.ieee.org
Many enterprises are under threat of targeted attacks aiming at data exfiltration. To launch
such attacks, in recent years, attackers with their malware have exploited a covert channel …

DNS tunneling detection method based on multilabel support vector machine

A Almusawi, H Amintoosi - Security and Communication …, 2018 - Wiley Online Library
DNS tunneling is a method used by malicious users who intend to bypass the firewall to
send or receive commands and data. This has a significant impact on revealing or releasing …

Semi-supervised multivariate statistical network monitoring for learning security threats

J Camacho, G Maciá-Fernández… - IEEE Transactions …, 2019 - ieeexplore.ieee.org
This paper presents a semi-supervised approach for intrusion detection. The method
extends the unsupervised multivariate statistical network monitoring approach based on the …

Multivariate Big Data Analysis for intrusion detection: 5 steps from the haystack to the needle

J Camacho, JM García-Giménez… - Computers & …, 2019 - Elsevier
The research literature on cybersecurity incident detection & response is very rich in
automatic detection methodologies, in particular those based on the anomaly detection …

Mining of intrusion attack in SCADA network using clustering and genetically seeded flora‐based optimal classification algorithm

S Selvarajan, M Shaik, S Ameerjohn… - IET Information …, 2020 - Wiley Online Library
The applications such as the remote communication and the control system are in critically
integrated arrangement. The controlling of these networks is specified by supervisory control …

A filter feature selection algorithm based on mutual information for intrusion detection

F Zhao, J Zhao, X Niu, S Luo, Y Xin - Applied Sciences, 2018 - mdpi.com
For a large number of network attacks, feature selection is used to improve intrusion
detection efficiency. A new mutual information algorithm of the redundant penalty between …

Group-wise principal component analysis for exploratory intrusion detection

J Camacho, R Therón, JM García-Giménez… - IEEE …, 2019 - ieeexplore.ieee.org
Intrusion detection is a relevant layer of cybersecurity to prevent hacking and illegal activities
from happening on the assets of corporations. Anomaly-based Intrusion Detection Systems …