Open AccessDNS Tunneling Detection Using Feedforward Neural Network
Author(s) -
Yakov Bubnov
Publication year - 2018
Publication title -
european journal of engineering and technology research
Language(s) - English
Resource type - Journals
ISSN - 2506-8016
DOI - 10.24018/ejers.2018.3.11.963
Subject(s) - computer science , exploit , artificial neural network , quantum tunnelling , intrusion detection system , feedforward neural network , adversary , feed forward , intrusion , domain (mathematical analysis) , computer security , artificial intelligence , computer network , data mining , engineering , mathematics , physics , mathematical analysis , optoelectronics , geochemistry , control engineering , geology
This paper addresses a problem of detecting Domain Name System (DNS) tunneling in a computer network. Unauthorized data transfer exploits DNS tunneling technique to conceal network activity in a regular DNS traffic. Contemporary intrusion prevention equipment does not provide reasonable protection from sensitive information stealing. Given the DNS queries from both legitimate and adversary clients this paper proposes a machine-learning method of distinguishing tunneling strategies. More precisely, it describes a multi-label model of feedforward neural network that classifies some of well-known tunneling strategies counting legitimate traffic. The paper contains analysis of classification quality and accuracy of the developed model.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom