Abstract

DNS tunneling is a typical attack adopted by cyber-criminals to compromise victims’ devices, steal sensitive data, or perform fraudulent actions against third parties without their knowledge. The fraudulent traffic is encapsulated into DNS queries to evade intrusion detection. Unfortunately, traditional defense systems based on Deep Packet Inspection cannot always detect such traffic. As a result, DNS tunneling is a problem that has worried the cybersecurity community over the past decade. In this paper, we propose a robust and reliable Deep Learning-based DNS tunneling detection approach to mine valuable insight from DNS query payloads. More precisely, several features are first extracted from the DNS flow and then arranged as bi-dimensional images. A Convolutional Neural Network is used to automatically and adaptively learn spatial hierarchies of features, which are then used in a fully connected neural network for traffic classification. The proposed approach may prove extremely interesting for predictive security approaches to attack detection. The effectiveness of the proposal is evaluated in several experiments using a real-world traffic dataset. The obtained results show that our approach achieves 99.99% accuracy and performs better than state-of-the-art solutions.
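
An added illustration (not the paper's code) of the first stage described in the abstract: per-query features from a DNS flow stacked into a two-dimensional grid that a CNN could take as input. The feature set, scaling constants, window size, sample flows, and the treatment of the last two labels as the base domain are assumptions made here, not taken from the paper.

```python
import math
from collections import Counter

# Assumed feature set and scaling ceilings (map each feature into [0, 1]).
FEATURES = ("length", "labels", "max_label", "entropy", "digit_ratio", "nonalnum_ratio")
SCALE = (253.0, 10.0, 63.0, 6.0, 1.0, 1.0)

def shannon_entropy(s):
    """Bits per character of s; 0.0 for an empty string."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def query_features(qname):
    """Per-query feature vector, each value clipped to at most 1.0."""
    name = qname.rstrip(".").lower()
    labels = name.split(".") if name else []
    # Assumption: everything left of the last two labels may carry payload.
    sub = "".join(labels[:-2])
    raw = (
        len(name),
        len(labels),
        max((len(label) for label in labels), default=0),
        shannon_entropy(sub),
        sum(ch.isdigit() for ch in sub) / len(sub) if sub else 0.0,
        sum(not ch.isalnum() for ch in sub) / len(sub) if sub else 0.0,
    )
    return [min(v / s, 1.0) for v, s in zip(raw, SCALE)]

def flow_to_image(qnames, rows=8):
    """Stack the first `rows` queries into a rows x len(FEATURES) grid, zero-padded."""
    image = [query_features(q) for q in qnames[:rows]]
    image += [[0.0] * len(FEATURES) for _ in range(rows - len(image))]
    return image

def mean_column(image, name, used_rows):
    """Average of one feature column over the rows that hold real queries."""
    col = FEATURES.index(name)
    return sum(row[col] for row in image[:used_rows]) / used_rows

# Constructed sample flows (not from the paper's dataset).
BENIGN = ["www.example.com", "mail.example.com", "cdn.static.example.net"]
TUNNEL_LIKE = [
    "mzxw6ytboi2gk3tuebsxg5dfon2ca43pn5xgk4tjmvza.t.example.org",
    "nbswy3dpeb3w64tmmqqho2lunbqxezlsorugs43fmfzgk.t.example.org",
]
```

Each grid from `flow_to_image` is one sample; a classifier would be trained on many such grids labelled benign or tunneling.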
