Title : ( A hybrid method of genetic algorithm and support vector machine for DNS tunneling detection )
Authors: Fuqdan A. Al-Ibraheemi , Sattar Al-Ibraheemi , Haleh Amintoosi ,Access to full-text not allowed by authors
Abstract
With the expansion of the business over the internet, corporations nowadays are investing numerous amounts of money in the web applications. However, there are different threats could make the corporations vulnerable for potential attacks. One of these threats is harnessing the domain name protocol for passing harmful information, this kind of threats is known as DNS tunneling. As a result, confidential information would be exposed and violated. Several studies have investigated the machine learning in order to propose a detection approach. In their approaches, authors have used different and numerous types of features such as domain length, number of bytes, content, volume of DNS traffic, number of hostnames per domain, geographic location and domain history. Apparently, there is a vital demand to accommodate feature selection task in order to identify the best features. This paper proposes a hybrid method of genetic algorithm feature selection approach with the support vector machine classifier for the sake of identifying the best features that have the ability to optimize the detection of DNS tunneling. To evaluate the proposed method, a benchmark dataset of DNS tunneling has been used. Results showed that the proposed method has outperformed the conventional SVM by achieving 0.946 of F-measure.
Keywords
DNS tunneling Feature selection Genetic algorithm Support vector machine@article{paperid:1086088,
author = {Fuqdan A. Al-Ibraheemi and Sattar Al-Ibraheemi and Amintoosi, Haleh},
title = {A hybrid method of genetic algorithm and support vector machine for DNS tunneling detection},
journal = {International Journal of Electrical and Computer Engineering-IJECE},
year = {2021},
volume = {11},
number = {2},
month = {April},
issn = {2088-8708},
pages = {1666--1674},
numpages = {8},
keywords = {DNS tunneling
Feature selection
Genetic algorithm
Support vector machine},
}
%0 Journal Article
%T A hybrid method of genetic algorithm and support vector machine for DNS tunneling detection
%A Fuqdan A. Al-Ibraheemi
%A Sattar Al-Ibraheemi
%A Amintoosi, Haleh
%J International Journal of Electrical and Computer Engineering-IJECE
%@ 2088-8708
%D 2021