Text analysis of DNS queries for data exfiltration protection of computer networks

Informatics ◽  
2020 ◽  
Vol 17 (3) ◽  
pp. 78-86
Author(s):  
Ya. V. Bubnov ◽  
N. N. Ivanov

The paper proposes an effective method of computer network protection from data exfiltration by the system of domain names. Data exfiltration by Domain Name System (DNS) is an approach to conceal the transfer of confidential data to a remote adversary using data encapsulation into the requested domain name. The DNS requests that transfer stolen information from a host infected by malicious software to an external host controlled by a malefactor are considered. The paper proposes a method of detecting such DNS requests based on text classification of domain names by a convolutional neural network. The efficiency of the method is based on the assumption that domain names exploited for data exfiltration differ from domain names formed from words of natural language. To classify the requests in a convolutional neural network, the use of character embedding for representing the string of a domain name is proposed. Quality evaluation of the trained neural network used for recognition of data exfiltration through the domain name system is performed using ROC analysis. The paper presents the software architecture used for deployment of the trained neural network into the existing infrastructure of the domain name system, targeting practical protection of computer networks from data exfiltration. The architecture implies creation of response policy zones for blocking individual requests classified as malicious.

Entropy ◽  
2020 ◽  
Vol 22 (9) ◽  
pp. 1058
Author(s):  
Zhanghui Liu ◽  
Yudong Zhang ◽  
Yuzhong Chen ◽  
Xinwen Fan ◽  
Chen Dong

Domain generation algorithms (DGAs) use specific parameters as random seeds to generate a large number of random domain names to prevent malicious domain name detection. This greatly increases the difficulty of detecting and defending against botnets and malware. Traditional models for detecting algorithmically generated domain names generally rely on manually extracting statistical characteristics from the domain names or network traffic and then employing classifiers to distinguish the algorithmically generated domain names. These models always require labor intensive manual feature engineering. In contrast, most state-of-the-art models based on deep neural networks are sensitive to imbalance in the sample distribution and cannot fully exploit the discriminative class features in domain names or network traffic, leading to decreased detection accuracy. To address these issues, we employ the borderline synthetic minority over-sampling algorithm (SMOTE) to improve sample balance. We also propose a recurrent convolutional neural network with spatial pyramid pooling (RCNN-SPP) to extract discriminative and distinctive class features. The recurrent convolutional neural network combines a convolutional neural network (CNN) and a bi-directional long short-term memory network (Bi-LSTM) to extract both the semantic and contextual information from domain names. We then employ the spatial pyramid pooling strategy to refine the contextual representation by capturing multi-scale contextual information from domain names. The experimental results from different domain name datasets demonstrate that our model can achieve 92.36% accuracy, an 89.55% recall rate, a 90.46% F1-score, and 95.39% AUC in identifying DGA and legitimate domain names, and it can achieve 92.45% accuracy rate, a 90.12% recall rate, a 90.86% F1-score, and 96.59% AUC in multi-classification problems. It achieves significant improvement over existing models in terms of accuracy and robustness.


Doklady BGUIR ◽  
2021 ◽  
Vol 19 (2) ◽  
pp. 91-99
Author(s):  
Y. V. Bubnov ◽  
N. N. Ivanov

An effective method for preventing the operation of computer network nodes for organizing a botnet is proposed. A botnet is a collection of devices connected via the Internet for the purpose of organizing DDoS attacks, stealing data, sending spam and other malicious actions. The described method implies the detection of generated domain names in DNS queries using a neural network with parallel organization of convolutional and bidirectional recurrent layers. The effectiveness of the method is based on the assumption that generated domain names are used to create a botnet for merging. Experiments confirm that the proposed neural network is superior in accuracy to existing counterparts on the UMUDGA dataset. The estimation of the quality of recognition of generated domain names using ROC analysis is calculated for a trained neural network. The article also formulates a model for controlling detectors using a partially observable Markov decision-making process to block infected nodes of a computer network. The search for the optimal policy for the formulated model by means of Q-learning of value agents is proposed. A comparative analysis of the average, minimum and maximum value of actions taken by agents in the process of interacting with the environment is carried out.


Author(s):  
Shweta Dabetwar ◽  
Stephen Ekwaro-Osire ◽  
João Paulo Dias

Composite materials have enormous applications in various fields. Thus, it is important to have an efficient damage detection method to avoid catastrophic failures. Due to the existence of multiple damage modes and the availability of data in different formats, it is important to employ efficient techniques to consider all the types of damage. Deep neural networks were seen to exhibit the ability to address similar complex problems. The research question in this work is ‘Can data fusion improve damage classification using the convolutional neural network?’ The specific aims developed were to 1) assess the performance of image encoding algorithms, 2) classify the damage using data from separate experimental coupons, and 3) classify the damage using mixed data from multiple experimental coupons. Two different experimental measurements were taken from the NASA Ames Prognostic Repository for Carbon Fiber Reinforced Polymer. To use data fusion, the piezoelectric signals were converted into images using Gramian Angular Field (GAF) and Markov Transition Field. Using data fusion techniques, the input dataset was created for a convolutional neural network with three hidden layers to determine the damage states. The accuracies of all the image encoding algorithms were compared. The analysis showed that data fusion provided better results as it contained more information on the damage modes that occur in composite materials. Additionally, GAF was shown to perform the best. Thus, the combination of data fusion and deep neural network techniques provides an efficient method for damage detection of composite materials.


Author(s):  
Torsten Bettinger

Although the Internet has no cross-organizational, financial, or operational management responsible for the entire Internet, certain administrative tasks are coordinated centrally. Among the most important organizational tasks that require global regulation is the management of Internet Protocol (IP) addresses and their corresponding domain names. The IP address consists of an existing 32 bit (IP4) or 128 bit (IP6) sequence of digits and is the actual physical network address by which routing on the Internet takes place and which will ensure that the data packets reach the correct host computer.


2021 ◽  
Vol 6 (1) ◽  
pp. 1-3
Author(s):  
Juan Park ◽  
Chul Min Yeum ◽  
Trevor Hrynyk

In this study, a learning-based scale estimation technique is proposed to enable quantitative evaluation of inspection regions. The underlying idea is that the surface texture of structures (i.e. bridges or buildings) captured on images contains the scale information of the corresponding images, which is represented by pixels per physical dimension (e.g., mm, inch). This allows training a regression model that provides a relationship between surface textures on images and their corresponding scales. A deep convolutional neural network is used to extract scale-related features from the texture patches and estimate their scales. The trained model can be exploited to estimate scales for all images captured from structure surfaces that have similar textures. The capability of the proposed technique is fully demonstrated using data collected from surface textures of three different structures and achieves an overall average scale estimation error of less than 15%.


2021 ◽  
Vol 1207 (1) ◽  
pp. 012003
Author(s):  
Xukun Hou ◽  
Pengjie Hu ◽  
Wenliao Du ◽  
Xiaoyun Gong ◽  
Hongchao Wang ◽  
...  

Aiming at the typical non-stationary and nonlinear characteristics of rolling bearing vibration signals, a multi-scale convolutional neural network method for bearing fault diagnosis based on wavelet transform and one-dimensional convolutional neural network is proposed. First, the signal is decomposed into multi-scale components with wavelet transform, and then each scale component is reconstructed. The reconstructed signal is subjected to the Fourier transform to obtain the frequency spectrum representation, which is used as the input of the one-dimensional convolutional neural network. Finally, the one-dimensional convolutional neural network is used to learn the features of the input data and recognize the bearing fault. The performance of the model is verified by using data sets of rolling bearings. The results show that this method can perform intelligent feature extraction and obtain 99.94% diagnostic accuracy.


2007 ◽  
Vol 6 ◽  
pp. 39-63
Author(s):  
Jorge Alberto Fierro Abella

The development of the so-called network of networks, or internet, has brought a substantial change in the way commercial relations are understood. The extension of access to it to an ever-growing number of economic agents, together with continuous growth in the content of every kind available on the network, means that the ease with which a given company's information can be accessed has a high value. The aim of this reflection paper is, first, to offer a general overview of the theoretical framework in which domain name registration takes place, both internationally and locally (Spain), and its relationship with trademark law, and from there to present a series of cases that have a direct relationship with Spain, either because they are rulings of our courts or because they are matters in which the ownership of domain names was disputed and in which the injured party (actual or alleged) was a Spanish trademark or trade name, or at least one with a presence in this country.

Abstract: Domain names are the familiar and easy-to-remember names for internet computers. They map to unique Internet Protocol (IP) numbers that serve as routing addresses on the Internet. The domain name system (DNS) translates internet names into the IP numbers needed for transmission of information across the network. The challenge pursued by the following research is to provide a general outlook of the theoretical frame for the technical activity of domain name registration procedure, as well as the implication of complementary sources of rules. The territorial context of the analysis is only apparent, since the empirical application of concepts can also be applied by other jurisdictions.

Keywords: domain name, trademarks, internet trademarks, trademark law, unfair competition, trademark usurpation

