Detection DNS Tunneling Botnets

Cited by: 5
Authors
Savenko, Bohdan [1]
Lysenko, Sergii [1]
Bobrovnikova, Kira [1]
Savenko, Oleg [1]
Markowsky, George [2]
Affiliations
[1] Khmelnitsky Natl Univ, Khmelnitsky, Ukraine
[2] Missouri Univ Sci & Technol, Rolla, MO USA
Source
PROCEEDINGS OF THE 11TH IEEE INTERNATIONAL CONFERENCE ON INTELLIGENT DATA ACQUISITION AND ADVANCED COMPUTING SYSTEMS: TECHNOLOGY AND APPLICATIONS (IDAACS'2021), VOL 1 | 2021
Keywords
malware; botnet; botnet detection; DNS; DNS tunneling attacks; networks; classifier; network security; GAME MODEL;
DOI
10.1109/IDAACS53288.2021.9661022
Chinese Library Classification (CLC) number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Botnets are often used in cyberattacks on network services and individual users, so the ability to detect botnets is very important. Botnets use DNS tunneling to send malicious command-and-control (C&C) commands to victims' hosts. Unfortunately, DNS tunneling attacks are very hard to detect. The paper presents a new approach for DNS tunneling botnet detection, which considers all the features and architectural characteristics of botnets. The technique described in this paper is highly efficient at detecting DNS tunneling attacks.
Pages: 64-69
Number of pages: 6