Reference#
Denis Petrov, Pascal Ruffing, Sebastian Zillien, and Steffen Wendzel. Domainator: detecting and identifying dns-tunneling malware using metadata sequences. In Availability, Reliability and Security, Lecture Notes in Computer Science, 118–140. Cham, 2025. Springer Nature Switzerland. URL: https://doi.org/10.1007/978-3-032-00624-0_6, doi:10.1007/978-3-032-00624-0_6.
Stefan Machmeier, Maximilian Ludwig, Manuel Fuchs, and Vincent Heuveline. heiDGAF: A Novel Open-Source CIDS Solution for DGA Detection. In 15th SPRING graduate workshop, 42. 2025.
Samuel Schüppen, Dominik Teubert, Patrick Herrmann, and Ulrike Meyer. FANCI: feature-based automated NXDomain classification and intelligence. In Proceedings of the 27th USENIX Conference on Security Symposium, SEC'18, 1165–1181. USA, August 2018. USENIX Association.
Shaojie Chen, Bo Lang, Hongyu Liu, Duokun Li, and Chuan Gao. Dns covert channel detection method using the lstm model. Computers & Security, 104:102095, 2021. URL: https://doi.org/10.1016/j.cose.2020.102095, doi:10.1016/j.cose.2020.102095.
Guangyuan Gao, Weina Niu, Jiacheng Gong, Dujuan Gu, Song Li, Mingxue Zhang, and Xiaosong Zhang. Graphtunnel: robust dns tunnel detection based on dns recursive resolution graph. IEEE Transactions on Information Forensics and Security, 2024. URL: https://doi.org/10.1109/TIFS.2024.3443596, doi:10.1109/TIFS.2024.3443596.
Kristijan Žiža, Predrag Tadić, and Pavle Vuletić. Dns exfiltration detection in the presence of adversarial attacks and modified exfiltrator behaviour. International Journal of Information Security, 22:1865–1880, 2023. URL: https://doi.org/10.1007/s10207-023-00723-w, doi:10.1007/s10207-023-00723-w.