DNS tunnels detection via DNS-images
作者:
Highlights:
• A robust and reliable Deep Learning-based DNS tunneling detection system is provided.
• Valuable insight from DNS query payloads are extracted.
• A number of basic features, extracted by the DNS queries, are arranged as bi-dimensional images, named DNS-images.
• A stacked neural network has been provided for classifying the typology of queries.
• Great performance has been achieved, that is 99.99% of accuracy.
摘要
•A robust and reliable Deep Learning-based DNS tunneling detection system is provided.•Valuable insight from DNS query payloads are extracted.•A number of basic features, extracted by the DNS queries, are arranged as bi-dimensional images, named DNS-images.•A stacked neural network has been provided for classifying the typology of queries.•Great performance has been achieved, that is 99.99% of accuracy.
论文关键词:DNS security,DNS tunneling,Data exfiltration,Anomaly detection,Classification,Convolutional neural network
论文评审过程:Received 29 October 2021, Revised 13 February 2022, Accepted 9 March 2022, Available online 25 March 2022, Version of Record 25 March 2022.
论文官网地址:https://doi.org/10.1016/j.ipm.2022.102930