DNS rule-based schema to botnet detection. Issue 4 (21st April 2021)
- Record Type:
- Journal Article
- Title:
- DNS rule-based schema to botnet detection. Issue 4 (21st April 2021)
- Main Title:
- DNS rule-based schema to botnet detection
- Authors:
- Alieyan, Kamal
Almomani, Ammar
Anbar, Mohammed
Alauthman, Mohammad
Abdullah, Rosni
Gupta, B. B. - Abstract:
- ABSTRACT: Botnets are considered a serious issue today. They have several negative economic impacts as well. Such impacts are affecting organizations and individuals. Recent botnets–such as Zeus and Citadel's Conficker–use the Domain Name System (DNS) to avoid detection. These botnets use the DNS server to prevent the network administrator from locating and shutting down the C&C servers. Therefore, this paper proposes a DNS rule-based approach for Botnet Detection (DNS-BD) that can improve the accuracy of DNS traffic-based detection of botnets. This approach is based on DNS query and response behaviours; it aims to detect any abnormal DNS query and response behaviours by applying the proposed DNS query and response rules. The result showed that the proposed approach can detect the botnet with an accuracy of 99.35% and a false-positive rate of 0.25%. A comparison with well-known DNS-based approaches evaluates the effectiveness of the proposed approach. It has been concluded that the approach proposed outperforms other approaches that can be implemented as part of any anti-viruses IDS product.
- Is Part Of:
- Enterprise information systems. Volume 15:Issue 4(2021)
- Journal:
- Enterprise information systems
- Issue:
- Volume 15:Issue 4(2021)
- Issue Display:
- Volume 15, Issue 4 (2021)
- Year:
- 2021
- Volume:
- 15
- Issue:
- 4
- Issue Sort Value:
- 2021-0015-0004-0000
- Page Start:
- 545
- Page End:
- 564
- Publication Date:
- 2021-04-21
- Subjects:
- Botnet detection -- DNS -- Rule-based -- Network security
Information storage and retrieval systems -- Periodicals
Management information systems -- Periodicals
Electronic commerce -- Periodicals
658.4038011 - Journal URLs:
- http://www.tandfonline.com/toc/teis20/current ↗
http://www.tandfonline.com/ ↗ - DOI:
- 10.1080/17517575.2019.1644673 ↗
- Languages:
- English
- ISSNs:
- 1751-7575
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3790.568160
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 16363.xml