Deep learning based detection of DNS spoofing attack
Description
In this paper, we propose to use a classification model based on an artificial recurrent neural network (RNN) and a deep learning approach for DNS spoofing detection. It is proposed to use DNS data as well as TCP header and IP header data as features of the detection model. Using of IP header data, particularly, such feature as hop count is well known and widely used for IP spoofing. The main challenge is to apply these approaches to DNS spoofing detection. The aim of the research is to proof the feasibility of the proposed technique and to obtain metric values. The methodology of the research is to evaluate the deep learning model trained on the artificially synthesized dataset. The numerical results from simulations are used to evaluate the performance. The paper reports the accuracy about 70%.
Files
3_kozlenko_tkachuk.pdf
Files
(281.5 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:8a050d2a80dcdf9c0174d81b2aef764e
|
281.5 kB | Preview Download |
Additional details
References
- M. Kozlenko and M. Kuz, "Joint capturing of readouts of household power supply meters," 2016 13th International Conference on Modern Problems of Radio Engineering, Telecommunications and Computer Science (TCSET), Lviv, 2016, pp. 755-757, doi: 10.1109/TCSET.2016.7452172