DNS and Data Exfiltration Detection
DNS and Data Exfiltration Detection
Date
2021-11
Authors
Sung, Nicole
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
University of Hawaiʻi — West Oʻahu
Volume
Number/Issue
Starting Page
Ending Page
Alternative Title
Abstract
Undetected data exfiltration is a common occurrence
There is little research into detecting the data as it is traveling from target to attacker
Most research is on the prevention of exploitation.
Fundamental internet protocols are being used for exfiltration
DNS is the internet address book, so almost all internet-connected devices accept it
Most tunnels are encrypted to bypass packet inspection
By understanding how these protocols work, IDS rules can be developed to alert when traffic is abnormal
There is little research into detecting the data as it is traveling from target to attacker
Most research is on the prevention of exploitation.
Fundamental internet protocols are being used for exfiltration
DNS is the internet address book, so almost all internet-connected devices accept it
Most tunnels are encrypted to bypass packet inspection
By understanding how these protocols work, IDS rules can be developed to alert when traffic is abnormal
Description
A student presentation to the Fall 2021 Student Research and Creative Works Symposium
Keywords
Citation
Extent
1 page
Format
Geographic Location
Time Period
Related To
Table of Contents
Rights
Attribution-NonCommercial-NoDerivs 3.0 United States
Rights Holder
Local Contexts
Collections
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.