Reference

Reference#

[1]

Denis Petrov, Pascal Ruffing, Sebastian Zillien, and Steffen Wendzel. Domainator: detecting and identifying dns-tunneling malware using metadata sequences. In Availability, Reliability and Security, Lecture Notes in Computer Science, 118–140. Cham, 2025. Springer Nature Switzerland. URL: https://doi.org/10.1007/978-3-032-00624-0_6, doi:10.1007/978-3-032-00624-0_6.

[2]

Stefan Machmeier, Maximilian Ludwig, Manuel Fuchs, and Vincent Heuveline. heiDGAF: A Novel Open-Source CIDS Solution for DGA Detection. In 15th SPRING graduate workshop, 42. 2025.

[3]

Samuel Schüppen, Dominik Teubert, Patrick Herrmann, and Ulrike Meyer. FANCI: feature-based automated NXDomain classification and intelligence. In Proceedings of the 27th USENIX Conference on Security Symposium, SEC'18, 1165–1181. USA, August 2018. USENIX Association.

[4]

Shaojie Chen, Bo Lang, Hongyu Liu, Duokun Li, and Chuan Gao. Dns covert channel detection method using the lstm model. Computers & Security, 104:102095, 2021. URL: https://doi.org/10.1016/j.cose.2020.102095, doi:10.1016/j.cose.2020.102095.

[5]

Guangyuan Gao, Weina Niu, Jiacheng Gong, Dujuan Gu, Song Li, Mingxue Zhang, and Xiaosong Zhang. Graphtunnel: robust dns tunnel detection based on dns recursive resolution graph. IEEE Transactions on Information Forensics and Security, 2024. URL: https://doi.org/10.1109/TIFS.2024.3443596, doi:10.1109/TIFS.2024.3443596.

[6]

Kristijan Žiža, Predrag Tadić, and Pavle Vuletić. Dns exfiltration detection in the presence of adversarial attacks and modified exfiltrator behaviour. International Journal of Information Security, 22:1865–1880, 2023. URL: https://doi.org/10.1007/s10207-023-00723-w, doi:10.1007/s10207-023-00723-w.