A Comparative Performance Evaluation of DNS Tunneling Tools
نویسندگان
چکیده
DNS Tunnels are built through proper tools that allow embedding data on DNS queries and response. Each tool has its own approach to the building tunnels in DNS that differently affects the network performance. In this paper, we propose a brief architectural analysis of the current state-of-the-art of DNS Tunneling tools. Then, wepropose the first comparative analysis of such tools in term of performance, as a first step towardsthe possibility to relateeach tool with a proper behavior of DNS traffic. To this aim, we define an assessment of the toolsin three different network configurationswith three different performance metrics. We finallysummarize the most interesting results and provide some considerations on the performance of each tool.
منابع مشابه
Performance assessment and analysis of DNS tunneling tools
DNS Tunnels are built by proper tools that allow embedding data on DNS queries and responses. Each tool has its own strategies that affect the network performance in a unique way. In this paper, we propose an architectural analysis of the current state-of-the-art of DNS Tunneling tools. Then, we provide a comparative evaluation of such tools in term of performance, as a first step towards the p...
متن کاملEntropy-based Prediction of Network Protocols in the Forensic Analysis of DNS Tunnels
DNS tunneling techniques are often used for malicious purposes but network security mechanisms have struggled to detect these. Network forensic analysis has thus been used but has proved slow and effort intensive as Network Forensics Analysis Tools struggle to deal with undocumented or new network tunneling techniques. In this paper we present a method to aid forensic analysis through automatin...
متن کاملDetection of Malicious and Low Throughput Data Exfiltration Over the DNS Protocol
In the presence of security countermeasures, a malware designed for data exfiltration must do so using a covert channel to achieve its goal. Among existing covert channels stands the domain name system (DNS) protocol. Although the detection of covert channels over the DNS has been thoroughly studied in the last decade, previous research dealt with a specific subclass of covert channels, namely ...
متن کاملPerformance evaluation of Carbon nanotube junctionless tunneling field effect transistor (CNT-JLTFET) under torsional strain: A quantum simulation study
In this paper, the performance of a CNT-JLTFET under different values of torsional strains of 0, 3, and 5 degrees has been investigated. Simulation has been carried out using non-equilibrium Green’s function (NEGF) formalism in the mode-space approach and in the ballistic limit. The simulation results indicate that, under torsional strain, an increase occurs in the energy band-gap, and thus the...
متن کاملIntroducing hard rock TBMs’ downtime analysis model with reference to past case histories’ data
The study of downtime and subsequently machine utilization in a given project is one of the major requirements of an accurate estimation of TBM performance and daily advance rate. Interestingly, while it is very common to report the components of downtime when discussing a tunneling project in the literature; there has not been a great amount of in-depth studies on this topic in the recent year...
متن کامل