
Development of an Accurate DNS Tunneling Detection Tool Using Cache Miss Properties and Machine Learning Models


AreejFatimaz/DNS-Tunneling-Detection


DNS-Tunneling-Detection

This project focuses on building an advanced tool to accurately detect DNS tunneling, a technique often used to bypass security controls and exfiltrate data. The tool leverages cache miss properties to monitor and analyze DNS query behavior. By examining patterns of cache misses—such as frequency, timing, and anomalies—it can identify potential tunneling attempts that exploit the DNS protocol.

To enhance detection accuracy, machine learning models will be employed to classify and differentiate between legitimate DNS traffic and malicious tunneling queries. The combination of cache miss analysis and machine learning aims to minimize false positives and improve overall detection efficiency, providing a powerful solution to safeguard network security.
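The cache-miss signal described above, as an added example that is not code from this repository: a tunneling client encodes data in a fresh subdomain for each query, so nearly every lookup misses the resolver cache. The log format, function names, sample domains and thresholds are assumptions, and the fixed thresholds stand in for the machine learning classifier.

```python
from collections import defaultdict
from statistics import mean

# Constructed resolver log: "<epoch_seconds> <qname> <HIT|MISS>" (format is an assumption).
SAMPLE_LOG = """\
100.0 www.example.com MISS
101.0 www.example.com HIT
103.5 www.example.com HIT
104.0 mail.example.com MISS
110.0 www.example.com HIT
100.2 a1f3c9.t.tunnel-demo.test MISS
100.7 b7e210.t.tunnel-demo.test MISS
101.1 c09d4e.t.tunnel-demo.test MISS
101.6 d5a8f1.t.tunnel-demo.test MISS
102.0 e3b77c.t.tunnel-demo.test MISS
"""

def base_domain(qname):
    # Naive assumption: last two labels. Real code should use the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def cache_miss_features(log_text):
    """Per base domain: query count, miss ratio, unique-name ratio, mean gap between misses."""
    rows = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[2] not in ("HIT", "MISS"):
            continue  # skip malformed lines
        try:
            ts = float(parts[0])
        except ValueError:
            continue  # skip lines with a bad timestamp
        rows[base_domain(parts[1])].append((ts, parts[1].lower(), parts[2] == "MISS"))
    features = {}
    for domain, recs in rows.items():
        recs.sort()  # order by timestamp so miss gaps are meaningful
        miss_ts = [ts for ts, _, miss in recs if miss]
        gaps = [b - a for a, b in zip(miss_ts, miss_ts[1:])]
        features[domain] = {"queries": len(recs),
                            "miss_ratio": len(miss_ts) / len(recs),
                            "unique_ratio": len({q for _, q, _ in recs}) / len(recs),
                            "mean_miss_gap": mean(gaps) if gaps else None}
    return features

def flag_suspects(features, min_queries=5, miss_ratio=0.9, unique_ratio=0.9):
    # Illustrative fixed thresholds; a trained classifier would consume the features instead.
    return sorted(d for d, f in features.items() if f["queries"] >= min_queries
                  and f["miss_ratio"] >= miss_ratio and f["unique_ratio"] >= unique_ratio)
```

In practice the feature dictionaries would be computed per time window and per client, then passed to the classifier as input vectors.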
