EPiC Series in Computing
DOI: 10.29007/c4wj
|View full text |Cite
|
Sign up to set email alerts
|

A Multi-Stage Detection Technique for DNS-Tunneled Botnets

Tirthankar Ghosh
1
,
Eman El-Sheikh
2
,
Wasseem Jammal3

Abstract: Botnet communications are obfuscated within legitimate network protocols to avoid detection and remediation. Domain Name Service (DNS) is a protocol of choice to hide communication with Command & Control (C&C) servers, where botmasters tunnel these communications within DNS request and response. Since botnet communications are characterized by different features, botmasters may evade detection methods by modifying some of these features. This paper proposes a multi-staged detection approach for… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Publication Types

Select...
1
1

Relationship

0
2

Authors

Journals

citations
Cited by 2 publications
(1 citation statement)
references
References 11 publications
0
1
0
Order By: Relevance
“…Statistical analysis could detect "silent" state bots. e literature [116] proposed a multistage detection method for domain fluxing, fast-flux service network (FFSN), and domain generation algorithm (DGA). e first stage used NX domain and server failure errors to detect DNS tunnel C&C server calls.…”
Section: Combination Methodmentioning
confidence: 99%

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

Xing
1
,
Hui
2
,
Zhao
3
et al. 2021
Mathematical Problems in Engineering
42
0
18
0
View full textAdd to dashboardCite
show abstract
“…Statistical analysis could detect "silent" state bots. e literature [116] proposed a multistage detection method for domain fluxing, fast-flux service network (FFSN), and domain generation algorithm (DGA). e first stage used NX domain and server failure errors to detect DNS tunnel C&C server calls.…”
Section: Combination Methodmentioning
confidence: 99%

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

Xing
1
,
Hui
2
,
Zhao
3
et al. 2021
Mathematical Problems in Engineering
42
0
18
0
View full textAdd to dashboardCite
show abstract

OptiTuneD: An Optimized Framework for Zero-Day DNS Tunnel Detection Using N-Grams

Sharma,
Swarnkar
2023
2023 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)
0
0
0
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.