Deteksi Tunneling Domain Name System dengan Fitur Cache Property
(1) Universitas Widyatama, Bandung, Jawa Barat, Indonesia
(2) Universitas Widyatama, Bandung, Jawa Barat, Indonesia
(*) Corresponding Author
Abstract
Full Text:
PDFReferences
Ishikura, Naotake, et al. "Cache-property-aware features for dns tunneling detection" 2020 23rd Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN). IEEE, 2020.
M. Al-Kasassbeh and T. Khairallah, “Winning tactics with DNS tunnelling” Netw. Security, vol. 2019, no. 12, pp. 12–19, 2019.
Oskar Pearson, DNS Tunnel - through bastion hosts, 1998, [Online]. Available: https://seclists.org/bugtraq/1998/Apr/79.
Greg Farnham, Detecting DNS tunneling, 2013, https://www.sans.org/readingroom/whitepapers/dns/detecting-dns-tunneling-34152.
E. Skoudis, The six most dangerous new attack techniques and what is coming next? [Online]. Availabel: https://blogs.sans.org/pentesting/files/2012/ 03/RSA-2012-EXP-108-Skoudis-Ullrich.pdf.
(2014). New FrameworkPOS Variant Exfiltrates Data via DNS Requests. [Online]. Available: https://www.gdatasoftware.com/blog/ 2014/10/23942-new-frameworkpos-variant-exfiltrates-data-via-dns-
K. Born and D. Gustafson, “Detecting DNS tunnels using charac-ter frequency analysis” 2010. [Online]. Available: https://arxiv.org/abs/ 1004.4358.
S. Chen, B. Lang, H. Liu, D. Li, and C. Gao, “DNS covert channel detection method using the LSTM model” Comput. Security, vol. 104, May 2021, Art. no. 102095.
(2011). Morto Worm Sets a (DNS) Record. [Online]. Available: https://community.broadcom.com/symantecenterprise/communities/ community home/librarydocuments/viewdocument?DocumentKey= 268f079a-2bb8-4775-9ef9-1b02e32ca55d&CommunityKey=1ecf5f55- 9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocumentsdnscat2. Accessed: Mar. 18, 2021. [Online]. Available: https://github. com/iagox86/dnscat2.
G. K. Zipf, Human Behavior and the Principle of Least Effort. Cambridge, MA, USA: Addison-Wesley, 1949.
Wijaya, Sandi. 2004, Mekanisme dan Implementasi Cache Poisoning Pada DNS Server. Bandung: ITB.
C. Qi, X. Chen, C. Xu, J. Shi, and P. Liu, “A bigram based real time DNS tunnel detection approach” Procedia Comput. Sci., vol. 17, pp. 852–860, 2013.
Technitium DNS. PostProcessQueryAsync. https://github.com/ TechnitiumSoftware/DnsServer/blob/v11.0.1/DnsServerCore/Dns/ DnsServer.cs#L985, 2023.
Anugrah, Faula Tanang, Syariful Ikhwan, dan Jafaruddin Gusti AG. "Implementasi Intrusion Prevention System (IPS) Menggunakan Suricata Untuk Serangan SQL Injection." Teknik: Jurnal Ilmiah Elektroteknika 21.2 (2022): 199-210.
DOI: http://dx.doi.org/10.30645/jurasik.v9i1.719
DOI (PDF): http://dx.doi.org/10.30645/jurasik.v9i1.719.g694
Refbacks
- There are currently no refbacks.
JURASIK (Jurnal Riset Sistem Informasi dan Teknik Informatika)
Published Papers Indexed/Abstracted By: