Catching DNS Tunnels with AI - A Talk About Artificial Intelligence, Geometry and Malicious Network Traffic

Presented at DEF CON 17 (2009), July 31, 2009, 10 a.m. (50 minutes)

The in-depth explanation, demonstration and release of a working adaptive solution for data mining DNS tunnels from network traffic.

Presenters:

• jhind - Security Researcher
  jhind has shared a passion for security inside government, academia and industry for well over a decade. He has countless hours of sleep-deprived research and teaching in reverse engineering, cryptography, exploitation and general Internet deviancy. Completely frustrated with IDS in its current state, jhind's latest research attempts to advance the conversation of competent intrusion detection.

Links:

• https://defcon.org/html/defcon-17/dc-17-speakers.html#Jhind
• https://infocon.org/cons/DEF CON/DEF CON 17/DEF CON 17 video and slides/DEF CON 17 - Jhind - Catching DNS Tunnels with AI - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=nzLaQsUFcwA

Similar Presentations:

• DeepSec 2018 „I like to mov &6974,%bx“ / DNS Exfiltration and Out-of-Band Attacks
• BSidesLV 2019 / Low & Slow - Techniques for DNS Data Exfiltration
• Black Hat USA 2010 / PSUDP: A Passive Approach to Network-Wide Covert Communication