3/2021 - 5
Deep Learning Based DNS Tunneling Detection and Blocking System
ALTUNCU, M. A., GULAGIZ, F. K., OZCAN, H., BAYIR, O. F., GEZGIN, A., NIYAZOV, A., CAVUSLU, M. A., SAHIN, S.
Author keywords
artificial neural networks, computer networks, domain name system, intrusion detection, machine learning
References keywords
tunneling(12), learning(10), detection(9), networks(7), information(7), security(6), machine(6), data(6), science(5), technology(4)
About this article
Date of Publication: 2021-08-31
Volume 21, Issue 3, Year 2021, On page(s): 39 - 48
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2021.03005
Web of Science Accession Number: 000691632000005
SCOPUS ID: 85114771421
Abstract
The main purpose of DNS is to convert domain names into IP addresses. Because inadequate precautions are taken for the security of DNS, it is used for malicious communication or data leakage. Within the scope of this study, a real-time deep network-based system is proposed for live networks to prevent common DNS tunneling threats. The particular feature of the study is the decision-making capability of the proposed system at the instant of a threat on a live system. Networks trained with various deep network topologies by using data from the Alexa top 1 million sites were tested on a live network. The system was integrated into the network during the tests to prevent threats in real time. The results of the tests reveal that the threats were blocked with a success rate of 99.91%. The obtained results confirm that almost all tunnel attacks over the DNS protocol can be blocked. In addition, the average time to block each tunneled packet was calculated to be 0.923 ms. This time clearly demonstrates that the network flow will not be affected and that no delay will be experienced while the system operates in real time.
Cited By
[1] GraphTunnel: Robust DNS Tunnel Detection Based on DNS Recursive Resolution Graph, Gao, Guangyuan, Niu, Weina, Gong, Jiacheng, Gu, Dujuan, Li, Song, Zhang, Mingxue, Zhang, Xiaosong, IEEE Transactions on Information Forensics and Security, ISSN 1556-6013, 2024.
Digital Object Identifier: 10.1109/TIFS.2024.3443596
[2] A Hybrid Deep Learning Approach for Intrusion Detection in IoT Networks, EMEC, M., OZCANHAN, M. H., Advances in Electrical and Computer Engineering, ISSN 1582-7445, Issue 1, Volume 22, 2022.
Digital Object Identifier: 10.4316/AECE.2022.01001
[3] Application of Artificial Intelligence to Network Forensics: Survey, Challenges and Future Directions, Rizvi, Syed, Scanlon, Mark, Mcgibney, Jimmy, Sheppard, John, IEEE Access, ISSN 2169-3536, 2022.
Digital Object Identifier: 10.1109/ACCESS.2022.3214506
[4] Real-Time Detection System for Data Exfiltration over DNS Tunneling Using Machine Learning, Abualghanam, Orieb, Alazzam, Hadeel, Elshqeirat, Basima, Qatawneh, Mohammad, Almaiah, Mohammed Amin, Electronics, ISSN 2079-9292, Issue 6, Volume 12, 2023.
Digital Object Identifier: 10.3390/electronics12061467
[5] Real-time Threat Detection Strategies for Resource-constrained Devices, Hamidouche, Mounia, Demissie, Biniam Fisseha, Cherif, Bilel, 2024 20th International Conference on Distributed Computing in Smart Systems and the Internet of Things (DCOSS-IoT), ISBN 979-8-3503-6944-1, 2024.
Digital Object Identifier: 10.1109/DCOSS-IoT61029.2024.00038
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania