Genetic Algorithm and Support Vector Machine for DNS Tunneling Detection: A Hybrid Method Approach

Al-Ibraheemi, Fuqdan A. and Al-Ibraheemi, Sattar and Amintoosi, Haleh (2022) Genetic Algorithm and Support Vector Machine for DNS Tunneling Detection: A Hybrid Method Approach. In: Novel Research Aspects in Mathematical and Computer Science Vol. 5. B P International, pp. 125-136. ISBN 978-93-5547-516-9

Full text not available from this repository.

Abstract

This paper proposes a hybrid method of genetic algorithm feature selection approach with the support vector machine classifier for the sake of identifying the best features that have the ability to optimize the detection of DNS tunneling. With the growth of business on the internet, corporations are now investing significant sums of money on web apps. Different risks, on the other hand, could make organizations vulnerable to future attacks. One of these risks is DNS tunneling, which uses the domain name protocol to convey harmful information. Confidential information would be disclosed and violated as a result. Several studies have looked into machine learning in order to come up with a detecting method. Authors included a variety of features in their techniques, including domain length, number of bytes, content, volume of DNS traffic, number of hostnames per domain, geographic location, and domain history. Apparently, there is a vital demand to accommodate feature selection task in order to identify the best features. A DNS tunneling benchmark dataset was utilized to evaluate the suggested approach. The proposed approach exceeded the conventional SVM by getting an F-measure of 0.946, indicating that it outperformed the traditional SVM.

Item Type: Book Section
Subjects: Research Scholar Guardian > Computer Science
Depositing User: Unnamed user with email support@scholarguardian.com
Date Deposited: 28 Dec 2023 04:35
Last Modified: 28 Dec 2023 04:35
URI: http://science.sdpublishers.org/id/eprint/1715

Actions (login required)

View Item
View Item