Loading…
Entropy-Based Evaluation of DNS Activity for Threat Hunting
The paper documents, based mainly on [1]-[5] published papers where a consistent mathematical description of cyberspace and various types of Cyber-Attacks and protection measures are presented, a mathematical approach for Cyber Threat Hunting2 using Domain Name System (DNS)3 observations. After refe...
Saved in:
| Published in: | Journal of applied mathematics and bioinformatics 2021-05, Vol.11 (1), p.25-31 |
|---|---|
| Main Author: | |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | 31 |
| container_issue | 1 |
| container_start_page | 25 |
| container_title | Journal of applied mathematics and bioinformatics |
| container_volume | 11 |
| creator | Alexopoulos, Argyrios Argi |
| description | The paper documents, based mainly on [1]-[5] published papers where a consistent mathematical description of cyberspace and various types of Cyber-Attacks and protection measures are presented, a mathematical approach for Cyber Threat Hunting2 using Domain Name System (DNS)3 observations. After referring [5] to the various Advanced Persistent Threat (APT)4 hunting techniques we propose a high level, mainly, entropy-based technique for detecting the existence of various threat vectors in our networks, demystifying DNS Anomalies. |
| doi_str_mv | 10.47260/jamb/1112 |
| format | article |
| fullrecord | <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2548433273</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2548433273</sourcerecordid><originalsourceid>FETCH-LOGICAL-c992-f1a26f695d943f0781cc393522b71e5065204b88931c39b1b30e17689deb7d863</originalsourceid><addsrcrecordid>eNpNjT1PwzAURS0EElXpwi-wxBzq55f4Q0ylpBSpgoHslZ3YkKjExXEq9d8TCQbucq_OcA8ht8Duc8kFW3bmyy4BgF-QGUjNM6FRX_7b12QxDB2bIhUXgs3IQ9mnGI7n7NEMrqHlyRxGk9rQ0-Dp0-s7XdWpPbXpTH2ItPqMziS6HfvU9h835Mqbw-AWfz0n1aas1tts9_b8sl7tslpPXg-GCy900egc_SSGukaNBedWgiuYKDjLrVIaYeIWLDIHUijdOCsbJXBO7n5vjzF8j25I-y6MsZ-Me17kKkfkEvEHL7dHQQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2548433273</pqid></control><display><type>article</type><title>Entropy-Based Evaluation of DNS Activity for Threat Hunting</title><source>ABI/INFORM Global (ProQuest)</source><creator>Alexopoulos, Argyrios Argi</creator><creatorcontrib>Alexopoulos, Argyrios Argi</creatorcontrib><description>The paper documents, based mainly on [1]-[5] published papers where a consistent mathematical description of cyberspace and various types of Cyber-Attacks and protection measures are presented, a mathematical approach for Cyber Threat Hunting2 using Domain Name System (DNS)3 observations. After referring [5] to the various Advanced Persistent Threat (APT)4 hunting techniques we propose a high level, mainly, entropy-based technique for detecting the existence of various threat vectors in our networks, demystifying DNS Anomalies.</description><identifier>ISSN: 1792-6939</identifier><identifier>EISSN: 1792-6939</identifier><identifier>DOI: 10.47260/jamb/1112</identifier><language>eng</language><publisher>Athens: International Scientific Press</publisher><subject>Algorithms ; Anomalies ; Cybersecurity ; Domain names ; Entropy ; Hunting ; Internet ; Internet service providers ; Malware ; Mathematical analysis ; Queries ; Servers ; URLs ; Vectors (mathematics)</subject><ispartof>Journal of applied mathematics and bioinformatics, 2021-05, Vol.11 (1), p.25-31</ispartof><rights>Copyright International Scientific Press 2021</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://www.proquest.com/docview/2548433273/fulltextPDF?pq-origsite=primo$$EPDF$$P50$$Gproquest$$H</linktopdf><linktohtml>$$Uhttps://www.proquest.com/docview/2548433273?pq-origsite=primo$$EHTML$$P50$$Gproquest$$H</linktohtml><link.rule.ids>314,780,784,11688,27924,27925,36060,44363,74895</link.rule.ids></links><search><creatorcontrib>Alexopoulos, Argyrios Argi</creatorcontrib><title>Entropy-Based Evaluation of DNS Activity for Threat Hunting</title><title>Journal of applied mathematics and bioinformatics</title><description>The paper documents, based mainly on [1]-[5] published papers where a consistent mathematical description of cyberspace and various types of Cyber-Attacks and protection measures are presented, a mathematical approach for Cyber Threat Hunting2 using Domain Name System (DNS)3 observations. After referring [5] to the various Advanced Persistent Threat (APT)4 hunting techniques we propose a high level, mainly, entropy-based technique for detecting the existence of various threat vectors in our networks, demystifying DNS Anomalies.</description><subject>Algorithms</subject><subject>Anomalies</subject><subject>Cybersecurity</subject><subject>Domain names</subject><subject>Entropy</subject><subject>Hunting</subject><subject>Internet</subject><subject>Internet service providers</subject><subject>Malware</subject><subject>Mathematical analysis</subject><subject>Queries</subject><subject>Servers</subject><subject>URLs</subject><subject>Vectors (mathematics)</subject><issn>1792-6939</issn><issn>1792-6939</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>M0C</sourceid><recordid>eNpNjT1PwzAURS0EElXpwi-wxBzq55f4Q0ylpBSpgoHslZ3YkKjExXEq9d8TCQbucq_OcA8ht8Duc8kFW3bmyy4BgF-QGUjNM6FRX_7b12QxDB2bIhUXgs3IQ9mnGI7n7NEMrqHlyRxGk9rQ0-Dp0-s7XdWpPbXpTH2ItPqMziS6HfvU9h835Mqbw-AWfz0n1aas1tts9_b8sl7tslpPXg-GCy900egc_SSGukaNBedWgiuYKDjLrVIaYeIWLDIHUijdOCsbJXBO7n5vjzF8j25I-y6MsZ-Me17kKkfkEvEHL7dHQQ</recordid><startdate>20210510</startdate><enddate>20210510</enddate><creator>Alexopoulos, Argyrios Argi</creator><general>International Scientific Press</general><scope>0U~</scope><scope>1-H</scope><scope>3V.</scope><scope>7WY</scope><scope>7WZ</scope><scope>7XB</scope><scope>87Z</scope><scope>885</scope><scope>8FE</scope><scope>8FG</scope><scope>8FK</scope><scope>8FL</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ANIOZ</scope><scope>BENPR</scope><scope>BEZIV</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>FRAZJ</scope><scope>FRNLG</scope><scope>F~G</scope><scope>HCIFZ</scope><scope>K60</scope><scope>K6~</scope><scope>L.-</scope><scope>L.0</scope><scope>L6V</scope><scope>M0C</scope><scope>M1F</scope><scope>M7S</scope><scope>PQBIZ</scope><scope>PQBZA</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>PYYUZ</scope><scope>Q9U</scope></search><sort><creationdate>20210510</creationdate><title>Entropy-Based Evaluation of DNS Activity for Threat Hunting</title><author>Alexopoulos, Argyrios Argi</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c992-f1a26f695d943f0781cc393522b71e5065204b88931c39b1b30e17689deb7d863</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Algorithms</topic><topic>Anomalies</topic><topic>Cybersecurity</topic><topic>Domain names</topic><topic>Entropy</topic><topic>Hunting</topic><topic>Internet</topic><topic>Internet service providers</topic><topic>Malware</topic><topic>Mathematical analysis</topic><topic>Queries</topic><topic>Servers</topic><topic>URLs</topic><topic>Vectors (mathematics)</topic><toplevel>online_resources</toplevel><creatorcontrib>Alexopoulos, Argyrios Argi</creatorcontrib><collection>Global News & ABI/Inform Professional</collection><collection>Trade PRO</collection><collection>ProQuest Central (Corporate)</collection><collection>ABI/INFORM Collection</collection><collection>ABI/INFORM Global (PDF only)</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>ABI/INFORM Global (Alumni Edition)</collection><collection>Banking Information Database (Alumni Edition)</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>ABI/INFORM Collection (Alumni Edition)</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>Accounting, Tax & Banking Collection</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Business Premium Collection</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>Accounting, Tax & Banking Collection (Alumni)</collection><collection>Business Premium Collection (Alumni)</collection><collection>ABI/INFORM Global (Corporate)</collection><collection>SciTech Premium Collection (Proquest) (PQ_SDU_P3)</collection><collection>ProQuest Business Collection (Alumni Edition)</collection><collection>ProQuest Business Collection</collection><collection>ABI/INFORM Professional Advanced</collection><collection>ABI/INFORM Professional Standard</collection><collection>ProQuest Engineering Collection</collection><collection>ABI/INFORM Global (ProQuest)</collection><collection>Banking Information Database</collection><collection>Engineering Database</collection><collection>ProQuest One Business</collection><collection>ProQuest One Business (Alumni)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>ABI/INFORM Collection China</collection><collection>ProQuest Central Basic</collection><jtitle>Journal of applied mathematics and bioinformatics</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Alexopoulos, Argyrios Argi</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Entropy-Based Evaluation of DNS Activity for Threat Hunting</atitle><jtitle>Journal of applied mathematics and bioinformatics</jtitle><date>2021-05-10</date><risdate>2021</risdate><volume>11</volume><issue>1</issue><spage>25</spage><epage>31</epage><pages>25-31</pages><issn>1792-6939</issn><eissn>1792-6939</eissn><abstract>The paper documents, based mainly on [1]-[5] published papers where a consistent mathematical description of cyberspace and various types of Cyber-Attacks and protection measures are presented, a mathematical approach for Cyber Threat Hunting2 using Domain Name System (DNS)3 observations. After referring [5] to the various Advanced Persistent Threat (APT)4 hunting techniques we propose a high level, mainly, entropy-based technique for detecting the existence of various threat vectors in our networks, demystifying DNS Anomalies.</abstract><cop>Athens</cop><pub>International Scientific Press</pub><doi>10.47260/jamb/1112</doi><tpages>7</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1792-6939 |
| ispartof | Journal of applied mathematics and bioinformatics, 2021-05, Vol.11 (1), p.25-31 |
| issn | 1792-6939 1792-6939 |
| language | eng |
| recordid | cdi_proquest_journals_2548433273 |
| source | ABI/INFORM Global (ProQuest) |
| subjects | Algorithms Anomalies Cybersecurity Domain names Entropy Hunting Internet Internet service providers Malware Mathematical analysis Queries Servers URLs Vectors (mathematics) |
| title | Entropy-Based Evaluation of DNS Activity for Threat Hunting |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-01T20%3A50%3A15IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Entropy-Based%20Evaluation%20of%20DNS%20Activity%20for%20Threat%20Hunting&rft.jtitle=Journal%20of%20applied%20mathematics%20and%20bioinformatics&rft.au=Alexopoulos,%20Argyrios%20Argi&rft.date=2021-05-10&rft.volume=11&rft.issue=1&rft.spage=25&rft.epage=31&rft.pages=25-31&rft.issn=1792-6939&rft.eissn=1792-6939&rft_id=info:doi/10.47260/jamb/1112&rft_dat=%3Cproquest%3E2548433273%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c992-f1a26f695d943f0781cc393522b71e5065204b88931c39b1b30e17689deb7d863%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2548433273&rft_id=info:pmid/&rfr_iscdi=true |