Dissertation/Thesis Abstract

A Deep Learning Approach to Detecting Covert Channels in the Domain Name System
by Peña, Tomás Antonio, T.D., Capitol Technology University, 2020, 206; 27735496
Abstract (Summary)

Essential Internet services are vital for many aspects of modern living, yet those services remain valuable to threat actors who use them for network intrusions and data exfiltration. This quantitative research study, focused on the single-subject experimental design, analyzed the ability of the novel Fedona Convolutional Neural Network (CNN) to detect Domain Name System (DNS) covert channel communications generated by the DNSExfiltrator open source tool. The post-positivism theoretical framework guided the experiment design and analysis. Data collected during execution of DNSExfiltrator in a laboratory environment tested the deep learning model’s ability to identify exfiltration data within DNS TXT records. The results showed 100% accuracy when exfiltrated file sizes exceeded 2 Kilobytes (Kb) using the maximum transmission packet size, although performance fell dramatically for files below 1 Kb in size. This research expanded understanding of neural networks applied to covert channel detection.

Indexing (document details)
Advisor: Easttom, Chuck
Commitee: Kulp, Philip
School: Capitol Technology University
Department: Technology (PhD)
School Location: United States -- Maryland
Source: DAI-A 81/7(E), Dissertation Abstracts International
Subjects: Information Technology, Computer science, Information science, Artificial intelligence
Keywords: Artificial intelligence, Covert channel, Cybersecurity, Data exfiltration, Deep learning, Intrusion detection
Publication Number: 27735496
ISBN: 9781392671665
Copyright © 2021 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy