Supervised Learning Approaches with Majority Voting for DNS Tunneling Detection (Articolo in rivista)

Type
Label
  • Supervised Learning Approaches with Majority Voting for DNS Tunneling Detection (Articolo in rivista) (literal)
Anno
  • 2014-01-01T00:00:00+01:00 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#doi
  • 10.1007/978-3-319-07995-0_46 (literal)
Alternative label
  • Maurizio Aiello, Maurizio Mongelli, Gianluca Papaleo (2014)
    Supervised Learning Approaches with Majority Voting for DNS Tunneling Detection
    in Advances in Intelligent Systems and Computing; Springer-Verlag, Berlin Heidelberg (Germania)
    (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori
  • Maurizio Aiello, Maurizio Mongelli, Gianluca Papaleo (literal)
Pagina inizio
  • 463 (literal)
Pagina fine
  • 472 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#url
  • http://link.springer.com/chapter/10.1007%2F978-3-319-07995-0_46 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#numeroVolume
  • 299 (literal)
Rivista
Note
  • b of Science (WOS) (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni
  • Institute of Electronics, Computer and Telecommunication Engineering National Research Council of Italy Genova, 16143, Italy (literal)
Titolo
  • Supervised Learning Approaches with Majority Voting for DNS Tunneling Detection (literal)
Abstract
  • The use of covert-channel methods to bypass security policies has increasing in the last years. Malicious users neutralize security restriction encapsulating protocols like peer-to-peer, chat or http proxy into other allowed protocols like DNS or HTTP. This paper illustrates different approaches to detect one particular covert channel technique: DNS tunneling. Results from experiments conducted on a live network are obtained by replicating individual detections over successive samples over time and making a global decision through a majority voting scheme. The technique overcomes traditional classifier limitations. A performance evaluation shows the best approach to reach good results by resorting to a unique classification scheme, applicable in the presence of different tunnelled applications. (literal)
Editore
Prodotto di
Autore CNR

Incoming links:


Prodotto
Autore CNR di
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#rivistaDi
Editore di
data.CNR.it