Profiling DNS tunneling attacks with PCA and mutual information

[1] Sándor Molnár, et al. On the identification and analysis of Skype traffic, 2011, Int. J. Commun. Syst.

[2] Zhiliang Zhu, et al. Modified Mutual Information-based Feature Selection for Intrusion Detection Systems in Decision Tree Learning, 2014, J. Comput.

[3] M. Mongelli, et al. Detection of DoS attacks through Fourier transform and mutual information, 2015, 2015 IEEE International Conference on Communications (ICC).

[4] Dan Tang, et al. A New Collaborative Detection Method for LDoS Attacks, 2014, J. Networks.

[5] Nasser Yazdani, et al. Mutual information-based feature selection for intrusion detection systems, 2011, J. Netw. Comput. Appl.

[6] Fanny Klett, et al. International Joint Conference SOCO'14-CISIS'14-ICEUTE'14 - Bilbao, Spain, June 25th-27th, 2014, Proceedings, 2014, SOCO-CISIS-ICEUTE.

[7] Pavel Laskov, et al. Detection of Intrusions and Malware, and Vulnerability Assessment: 19th International Conference, DIMVA 2022, Cagliari, Italy, June 29 – July 1, 2022, Proceedings, 2022, International Conference on Detection of intrusions and malware, and vulnerability assessment.

[8] Henk J. Sips, et al. Detection of botnet collusion by degree distribution of domains, 2010, 2010 International Conference for Internet Technology and Secured Transactions.

[9] Riyad Alshammari, et al. Can encrypted traffic be identified without port numbers, IP addresses and payload inspection?, 2011, Comput. Networks.

[10] Noureddine Boudriga, et al. Intrusion detection and tolerance: A global scheme, 2008.

[11] A Min Tjoa, et al. Availability, Reliability, and Security in Information Systems, 2014, Lecture Notes in Computer Science.

[12] Kenton Born, et al. NgViz: detecting DNS tunnels through n-gram visualization and quantitative analysis, 2010, CSIIRW '10.

[13] Michael Himbeault. A novel approach to detecting covert DNS tunnels using throughput estimation, 2014.

[14] Zhiliang Zhu, et al. Feature Grouping for Intrusion Detection System Based on Hierarchical Clustering, 2014, CD-ARES.

[15] Maurizio Aiello, et al. A similarity based approach for application DoS attacks detection, 2013, 2013 IEEE Symposium on Computers and Communications (ISCC).

[16] Zhuoqing Morley Mao, et al. Characterizing Dark DNS Behavior, 2007, DIMVA.

[17] Maurizio Aiello, et al. Performance assessment and analysis of DNS tunneling tools, 2013, Log. J. IGPL.

[18] Peipeng Liu, et al. A Bigram based Real Time DNS Tunnel Detection Approach, 2013, ITQM.

[19] Christian Callegari, et al. Improving PCA‐based anomaly detection by using multiple time scale analysis and Kullback–Leibler divergence, 2014, Int. J. Commun. Syst.

[20] Maurizio Dusi, et al. Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting, 2009, Comput. Networks.

[21] Kenton Born, et al. Detecting DNS Tunnels Using Character Frequency Analysis, 2010, ArXiv.

[22] Francesco Palmieri, et al. A distributed approach to network anomaly detection based on independent component analysis, 2014, Concurr. Comput. Pract. Exp.

[23] Michel Mandjes, et al. Flow-Based Detection of DNS Tunnels, 2013, AIMS.

[24] Mark Sandford, et al. Detecting and classifying delay Data Exceptions on communication networks using rule based algorithms, 2005, Int. J. Commun. Syst.

[25] Maurizio Mongelli, et al. Supervised Learning Approaches with Majority Voting for DNS Tunneling Detection, 2014, SOCO-CISIS-ICEUTE.

[26] Maurizio Mongelli, et al. DNS tunneling detection through statistical fingerprints of protocol messages and machine learning, 2015, Int. J. Commun. Syst.

[27] Daniel S. Yeung, et al. Multiple Classifier System with Feature Grouping for Intrusion Detection: Mutual Information Approach, 2005, KES.

[28] Z. Berkay Celik, et al. Detection of Fast-Flux Networks using various DNS feature sets, 2013, 2013 IEEE Symposium on Computers and Communications (ISCC).

[29] Aiko Pras, et al. An Overview of IP Flow-Based Intrusion Detection, 2010, IEEE Communications Surveys & Tutorials.

[30] Dan Tang, et al. A New Detection Method based on AEWMA Algorithm for LDoS attacks, 2014, J. Networks.

[31] Anestis Karasaridis, et al. NIS04-2: Detection of DNS Anomalies using Flow Data Analysis, 2006, IEEE Globecom 2006.

[32] Maurizio Mongelli, et al. Basic classifiers for DNS tunneling detection, 2013, 2013 IEEE Symposium on Computers and Communications (ISCC).