Open AccessDNS Tunneling Detection Using Feedforward Neural Network
Author(s) -
Yakov Bubnov
Publication year - 2018
Publication title -
european journal of engineering research and science
Language(s) - English
Resource type - Journals
ISSN - 2506-8016
DOI - 10.24018/ejers.2018.3.11.963
Subject(s) - computer science , exploit , artificial neural network , quantum tunnelling , intrusion detection system , feedforward neural network , adversary , feed forward , intrusion , domain (mathematical analysis) , computer security , artificial intelligence , computer network , data mining , engineering , mathematics , physics , mathematical analysis , optoelectronics , geochemistry , control engineering , geology
This paper addresses a problem of detecting Domain Name System (DNS) tunneling in a computer network. Unauthorized data transfer exploits DNS tunneling technique to conceal network activity in a regular DNS traffic. Contemporary intrusion prevention equipment does not provide reasonable protection from sensitive information stealing. Given the DNS queries from both legitimate and adversary clients this paper proposes a machine-learning method of distinguishing tunneling strategies. More precisely, it describes a multi-label model of feedforward neural network that classifies some of well-known tunneling strategies counting legitimate traffic. The paper contains analysis of classification quality and accuracy of the developed model.