A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf
.
Detection of Malicious and Low Throughput Data Exfiltration Over the DNS Protocol
[article]
2018
arXiv
pre-print
In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection of covert channels over the DNS has been thoroughly studied in the last decade, previous research dealt with a specific subclass of covert channels, namely DNS tunneling. While the importance of tunneling detection is not undermined, an entire class of low
arXiv:1709.08395v2
fatcat:vtcpoebvjvhwxlnno5hlg2upxy