Abstract
Botnets are often used in cyberattacks on network services and individual users, so the ability to detect botnets is very important. Botnets use DNS tunneling to send malicious command-and-control (CC) commands to victims' hosts. Unfortunately, DNS tunneling attacks are very hard to detect. The paper presents a new approach for DNS tunneling botnet detection, which considers all the features and architectural characteristics of botnets. The technique described in this paper is highly efficient at detecting DNS tunneling attacks.
Recommended Citation
B. Savenko et al., "Detection DNS Tunneling Botnets," Proceedings of the 11th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2021, vol. 1, pp. 64 - 69, Institute of Electrical and Electronics Engineers, Jan 2021.
The definitive version is available at https://doi.org/10.1109/IDAACS53288.2021.9661022
Department(s)
Computer Science
Keywords and Phrases
Botnet; Botnet detection; Classifier; DNS; DNS tunneling attacks; Malware; Network security; Networks
International Standard Book Number (ISBN)
978-166542605-3
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2024 Institute of Electrical and Electronics Engineers, All rights reserved.
Publication Date
01 Jan 2021
