Click to open the HelpDesk interface
AECE - Front page banner

Menu:


FACTS & FIGURES

JCR Impact Factor: 1.221
JCR 5-Year IF: 0.961
SCOPUS CiteScore: 2.5
Issues per year: 4
Current issue: Aug 2021
Next issue: Nov 2021
Avg review time: 88 days


PUBLISHER

Stefan cel Mare
University of Suceava
Faculty of Electrical Engineering and
Computer Science
13, Universitatii Street
Suceava - 720229
ROMANIA

Print ISSN: 1582-7445
Online ISSN: 1844-7600
WorldCat: 643243560
doi: 10.4316/AECE


TRAFFIC STATS

1,748,436 unique visits
579,672 downloads
Since November 1, 2009



Robots online now
PetalBot
SemanticScholar
Googlebot


SJR SCImago RANK

SCImago Journal & Country Rank




TEXT LINKS

Anycast DNS Hosting
MOST RECENT ISSUES

 Volume 21 (2021)
 
     »   Issue 3 / 2021
 
     »   Issue 2 / 2021
 
     »   Issue 1 / 2021
 
 
 Volume 20 (2020)
 
     »   Issue 4 / 2020
 
     »   Issue 3 / 2020
 
     »   Issue 2 / 2020
 
     »   Issue 1 / 2020
 
 
 Volume 19 (2019)
 
     »   Issue 4 / 2019
 
     »   Issue 3 / 2019
 
     »   Issue 2 / 2019
 
     »   Issue 1 / 2019
 
 
 Volume 18 (2018)
 
     »   Issue 4 / 2018
 
     »   Issue 3 / 2018
 
     »   Issue 2 / 2018
 
     »   Issue 1 / 2018
 
 
 Volume 17 (2017)
 
     »   Issue 4 / 2017
 
     »   Issue 3 / 2017
 
     »   Issue 2 / 2017
 
     »   Issue 1 / 2017
 
 
  View all issues  








LATEST NEWS

2021-Jun-30
Clarivate Analytics published the InCites Journal Citations Report for 2020. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 1.221 (1.053 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.961.

2021-Jun-06
SCOPUS published the CiteScore for 2020, computed by using an improved methodology, counting the citations received in 2017-2020 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering in 2020 is 2.5, better than all our previous results.

2021-Apr-15
Release of the v3 version of AECE Journal website. We moved to a new server and implemented the latest cryptographic protocols to assure better compatibility with the most recent browsers. Our website accepts now only TLS 1.2 and TLS 1.3 secure connections.

2020-Jun-29
Clarivate Analytics published the InCites Journal Citations Report for 2019. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 1.102 (1.023 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.734.

2020-Jun-11
Starting on the 15th of June 2020 we wiil introduce a new policy for reviewers. Reviewers who provide timely and substantial comments will receive a discount voucher entitling them to an APC reduction. Vouchers (worth of 25 EUR or 50 EUR, depending on the review quality) will be assigned to reviewers after the final decision of the reviewed paper is given. Vouchers issued to specific individuals are not transferable.

Read More »


    
 

  3/2021 - 5

Deep Learning Based DNS Tunneling Detection and Blocking System

ALTUNCU, M. A. See more information about ALTUNCU, M. A. on SCOPUS See more information about ALTUNCU, M. A. on IEEExplore See more information about ALTUNCU, M. A. on Web of Science, GULAGIZ, F. K. See more information about  GULAGIZ, F. K. on SCOPUS See more information about  GULAGIZ, F. K. on SCOPUS See more information about GULAGIZ, F. K. on Web of Science, OZCAN, H. See more information about  OZCAN, H. on SCOPUS See more information about  OZCAN, H. on SCOPUS See more information about OZCAN, H. on Web of Science, BAYIR, O. F., GEZGIN, A., NIYAZOV, A., CAVUSLU, M. A., SAHIN, S.
 
View the paper record and citations in View the paper record and citations in Google Scholar
Click to see author's profile in See more information about the author on SCOPUS SCOPUS, See more information about the author on IEEE Xplore IEEE Xplore, See more information about the author on Web of Science Web of Science

Download PDF pdficon (4,081 KB) | Citation | Downloads: 179 | Views: 175

Author keywords
artificial neural networks, computer networks, domain name system, intrusion detection, machine learning

References keywords
tunneling(12), learning(10), detection(9), networks(7), information(7), security(6), machine(6), data(6), science(5), technology(4)
Blue keywords are present in both the references section and the paper title.

About this article
Date of Publication: 2021-08-31
Volume 21, Issue 3, Year 2021, On page(s): 39 - 48
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2021.03005
Web of Science Accession Number: 000691632000005
SCOPUS ID: 85114771421

Abstract
Quick view
Full text preview
The main purpose of DNS is to convert domain names into IPs. Due to the inadequate precautions taken for the security of DNS, it is used for malicious communication or data leakage. Within the scope of this study, a real-time deep network-based system is proposed on live networks to prevent the common DNS tunneling threats over DNS. The decision-making capability of the proposed system at the instant of threat on a live system is the particular feature of the study. Networks trained with various deep network topologies by using the data from Alexa top 1 million sites were tested on a live network. The system was integrated to the network during the tests to prevent threats in real-time. The result of the tests reveal that the threats were blocked with success rate of 99.91%. Obtained results confirm that we can block almost all tunnel attacks over DNS protocol. In addition, the average time to block each tunneled package was calculated to be 0.923 ms. This time clearly demonstrates that the network flow will not be affected, and no delay will be experienced in the operation of our system in real-time.


References | Cited By  «-- Click to see who has cited this paper

[1] T. K. Skow, "Protection against DNS tunneling abuses on mobile networks," MSc Thesis, Norwegian University of Science and Technology, 2016.

[2] R. Chandramouli and S. Rose, "Secure domain name system (DNS) deployment guide," National Institute of Standards and Technology Special Publication, 2013.
[CrossRef]


[3] M. Sammour, B. Hussin and F. I. Othman, "Comparative Analysis for Detecting DNS Tunneling Using Machine Learning Techniques," International Journal of Applied Engineering Research, vol. 12, no. 22, pp. 12762-12766, 2017.

[4] H. Onal, "DNS Tunelleme.," [Online] Available: Temporary on-line reference link removed - see the PDF document

[5] S. Hangal, S. Narayanan, N. Chandra and S. Chakravorty, "IODINE: a tool to automatically infer dynamic invariants for hardware designs," in Proc. 42nd Design Automation Conference, 2005, Anaheim, CA, 2005, pp. 775-778.
[CrossRef] [Web of Science Times Cited 49]


[6] S. Yassine, J. Khalife, M. Chamoun et al., "A Survey of DNS Tunnelling Detection Techniques Using Machine Learning," in Proc. 1st International Conference on Big Data and Cyber-Security Intelligence, Hadath, Lebanon, 2018, pp. 63-66.

[7] M. Al-kasassbeh, T. Khairallah, "Winning tactics with DNS tunneling," Network Security, vol. 2019, no. 12, pp.12-19, 2019.
[CrossRef] [SCOPUS Times Cited 7]


[8] A. Merlo, G. Papaleo, S. Veneziano, et al., "Comparative performance evaluation of DNS tunneling tools," in Proc. Computational Intelligence in Security for Information Systems, Torremolinos-Malaga, Spain, 2011, pp. 84-91.
[CrossRef] [SCOPUS Times Cited 17]


[9] G. Farnham and A. Atlasis, "Detecting DNS tunneling. SANS Institute InfoSec Reading Room," [Online] Available: Temporary on-line reference link removed - see the PDF document

[10] M. Aiello, M. Mongelli and G. Papaleo, "Basic classifiers for DNS tunneling detection," in Proc. IEEE Symposium on Computers and Communications, Split, Croatia, 2013, pp. 880-885.
[CrossRef] [SCOPUS Times Cited 21]


[11] M. Aiello, M. Mongelli and G. Papaleo, "DNS tunneling detection through statistical fingerprints of protocol messages and machine learning," International Journal of Communication Systems, vol. 28, no. 14, pp. 1987-2002, 2015.
[CrossRef] [Web of Science Times Cited 21] [SCOPUS Times Cited 26]


[12] A. Almusawi and H. Amintoosi, "DNS Tunneling detection method based on multilabel support vector machine," Security and Communication Networks, vol. 2018, 2018.
[CrossRef] [Web of Science Times Cited 10] [SCOPUS Times Cited 20]


[13] J. Liu, S. Li and Y. Zhang, et al., "Detecting DNS tunnel through binary-classification based on behavior features," in Proc. IEEE Trustcom/BigDataSE/ICESS, Sydney, Australia, 2017, pp. 339-346.
[CrossRef] [Web of Science Times Cited 9] [SCOPUS Times Cited 23]


[14] A. L. Buczak, P. A. Hanke, G. J. Cancro, et al., "Detection of tunnels in PCAP data by random forests," in Proc. 11th Annual Cyber and Information Security Research Conference, USA, 2016, pp. 1-4.
[CrossRef] [SCOPUS Times Cited 24]


[15] E. Cambiaso, M. Aiello, M. Mongelli, et al., "Feature transformation and Mutual Information for DNS tunneling analysis," in Proc. Eighth International Conference on Ubiquitous and Future Networks, Vienna, Austria, 2016, pp. 957-959.
[CrossRef] [SCOPUS Times Cited 9]


[16] I. Homem, P. Papapetrou and S. Dosis, "Entropy-based prediction of network protocols in the forensic analysis of dns tunnels," arXiv, 2017. arXiv preprint arXiv:1709.06363.

[17] A. Nadler, A. Aminov and A. Shabtai, "Detection of malicious and low throughput data exfiltration over the DNS protocol," Computers & Security, vol. 80, pp. 36-53, 2019.
[CrossRef] [Web of Science Times Cited 21] [SCOPUS Times Cited 35]


[18] M. Aiello, M. Mongelli, M. Muselli et al., "Unsupervised learning and rule extraction for Domain Name Server tunneling detection," Internet Technology Letters, vol. 2, no. 2, pp. 1-6, 2019.
[CrossRef] [Web of Science Times Cited 3]


[19] Y. Bubnov, "DNS Tunneling Detection Using Feedforward Neural Network," European Journal of Engineering Research and Science, vol. 3, no. 11, pp. 16-19, 2018.
[CrossRef]


[20] T. V. Thuan, P. Engelstad and B. Feng, "Detection of DNS tunneling in mobile networks using machine learning," in Proc. International Conference on Information Science and Applications, Macau, China, 2017, pp. 221-230.
[CrossRef] [Web of Science Times Cited 10] [SCOPUS Times Cited 17]


[21] J. Ahmed, H. Gharakheili, Q. Raza, et al., "Monitoring Enterprise DNS Queries for Detecting Data Exfiltration from Internal Hosts," IEEE Transactions on Network and Service Management, vol. 17, no. 1, pp. 265-279, 2019.
[CrossRef] [Web of Science Times Cited 3] [SCOPUS Times Cited 7]


[22] Alexa, "The top 500 sites on the web," [Online] Available: Temporary on-line reference link removed - see the PDF document

[23] J. Huang, Y. F. Li and M. Xie, "An empirical analysis of data preprocessing for machine learning-based software cost estimation," Information and software Technology, vol. 67, pp. 108-127, 2015.
[CrossRef] [Web of Science Times Cited 56] [SCOPUS Times Cited 70]


[24] D. Bollegala, "Dynamic feature scaling for online learning of binary classifiers," Knowledge-Based Systems, vol. 129, pp. 97-105, 2017.
[CrossRef] [Web of Science Times Cited 13] [SCOPUS Times Cited 16]


[25] A. Carrio, C. Sampedro, A. Rodriguez-Ramos, et al., "A review of deep learning methods and applications for unmanned aerial vehicles," Journal of Sensors, vol. 2017, pp. 1-13, 2017.
[CrossRef] [Web of Science Times Cited 92] [SCOPUS Times Cited 119]


[26] J. Lin, "Divergence measures based on the Shannon entropy," IEEE Transactions on Information Theory, vol. 37, no. 1, pp. 145-151, 1991.
[CrossRef] [Web of Science Times Cited 1786] [SCOPUS Times Cited 2201]


[27] S. Han, J. Pool, S. Narang, et al.,"Dsd: Dense-sparse-dense training for deep neural networks," in Proc. International Conference on Learning Representations (ICLR), France, 2017, pp 1-13.

[28] G. E. Dahl, T. N. Sainath and G. E. Hinton, "Improving deep neural networks for LVCSR using rectified linear units and dropout," in Proc. IEEE International Conference On Acoustics, Speech And Signal Processing, British Columbia, Canada, 2013, pp. 8609-8613.
[CrossRef] [SCOPUS Times Cited 840]


[29] D. Choi, C. J. Shallue, Z. Nado, et al., "On Empirical Comparisons of Optimizers for Deep Learning," 2019. arXiv preprint:1910.05446.

[30] E. Seyyarer, T. Uckan, C. Hark, et al., "Applications and Comparisons of Optimization Algorithms Used in Convolutional Neural Networks," in Proc. International Artificial Intelligence and Data Processing Symposium, Malatya, Turkey, 2019, pp. 1-6.
[CrossRef] [SCOPUS Times Cited 3]


[31] B. Wang, K. Lu and P. Chang, "Design and implementation of Linux firewall based on the frame of Netfilter/Iptable," in Proc. 11th International Conference on Computer Science & Education, Japan, 2016, pp. 949-953.
[CrossRef] [SCOPUS Times Cited 7]


[32] L. F. Xuan and P. F. Wu, "The optimization and implementation of iptables rules set on linux," in Proc. 2nd International Conference on Information Science and Control Engineering, USA, 2015, pp. 988-991.
[CrossRef] [Web of Science Record] [SCOPUS Times Cited 5]


[33] R. Rohith, M. Moharir, and G. Shobha, "SCAPY-A powerful interactive packet manipulation program," in Proc. International Conference on Networking, Embedded and Wireless Systems, India, 2018, pp. 1-5.
[CrossRef] [SCOPUS Times Cited 9]


[34] L. Tomak and Y. Bek, "ISlem karakteristik egrisi analizi ve egri altinda kalan alanlarin karsilastirilmasi," Journal of Experimental and Clinical Medicine, vol. 27, no. 2, pp. 58-65, 2009.
[CrossRef]




References Weight

Web of Science® Citations for all references: 2,073 TCR
SCOPUS® Citations for all references: 3,476 TCR

Web of Science® Average Citations per reference: 59 ACR
SCOPUS® Average Citations per reference: 99 ACR

TCR = Total Citations for References / ACR = Average Citations per Reference

We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more

Citations for references updated on 2021-10-13 13:42 in 161 seconds.




Note1: Web of Science® is a registered trademark of Clarivate Analytics.
Note2: SCOPUS® is a registered trademark of Elsevier B.V.
Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site.

Copyright ©2001-2021
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania


All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.

Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.

Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.




Website loading speed and performance optimization powered by: