2021
Conference Paper
Title
Mobile cyber defense agents for low throughput DNS-based data exfiltration detection in military networks
Abstract
DNS is a widely adopted protocol for translating between domain names and IP addresses. Because it lacks built-in security mechanisms, attackers often use DNS for attacks such as tunneling and data exfiltration. Solutions for centralized and static networks exist but fail to work efficiently in tactical networks. In this paper, we combine the concept of mobile agents with modern analysis techniques like machine learning to develop a detection system for DNS-based attacks in military networks. The proposed system is evaluated regarding its efficiency.