{"id":"https://openalex.org/W4214664941","doi":"https://doi.org/10.3103/s0146411621080095","title":"The Use of Beacon Signals to Detect Covert Channels in DNS Traffic","display_name":"The Use of Beacon Signals to Detect Covert Channels in DNS Traffic","publication_year":2021,"publication_date":"2021-12-01","ids":{"openalex":"https://openalex.org/W4214664941","doi":"https://doi.org/10.3103/s0146411621080095"},"language":"en","primary_location":{"id":"doi:10.3103/s0146411621080095","is_oa":false,"landing_page_url":"https://doi.org/10.3103/s0146411621080095","pdf_url":null,"source":{"id":"https://openalex.org/S17203304","display_name":"Automatic Control and Computer Sciences","issn_l":"0146-4116","issn":["0146-4116","1558-108X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320267","host_organization_name":"Pleiades Publishing","host_organization_lineage":["https://openalex.org/P4310320267","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Pleiades Publishing","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Automatic Control and Computer Sciences","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5011718785","display_name":"M. A. Eremeev","orcid":"https://orcid.org/0000-0002-5511-4000"},"institutions":[{"id":"https://openalex.org/I4210135186","display_name":"MIREA - Russian Technological University","ror":"https://ror.org/04qrtgy16","country_code":"RU","type":"education","lineage":["https://openalex.org/I4210135186"]}],"countries":["RU"],"is_corresponding":true,"raw_author_name":"M. A. Eremeev","raw_affiliation_strings":["MIREA\u2014Russian Technological University, 119454, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"MIREA\u2014Russian Technological University, 119454, Moscow, Russia","institution_ids":["https://openalex.org/I4210135186"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069993103","display_name":"Vladimir Sergeevich Nefedov","orcid":null},"institutions":[{"id":"https://openalex.org/I4210135186","display_name":"MIREA - Russian Technological University","ror":"https://ror.org/04qrtgy16","country_code":"RU","type":"education","lineage":["https://openalex.org/I4210135186"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"V. S. Nefedov","raw_affiliation_strings":["MIREA\u2014Russian Technological University, 119454, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"MIREA\u2014Russian Technological University, 119454, Moscow, Russia","institution_ids":["https://openalex.org/I4210135186"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008773920","display_name":"A. S. Ostrovskii","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"A. S. Ostrovskii","raw_affiliation_strings":["Central Research Institute 18, Ministry of Defense of the Russian Federation, 111123, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"Central Research Institute 18, Ministry of Defense of the Russian Federation, 111123, Moscow, Russia","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082034285","display_name":"D. A. Semchenkov","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"D. A. Semchenkov","raw_affiliation_strings":["Central Research Institute 18, Ministry of Defense of the Russian Federation, 111123, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"Central Research Institute 18, Ministry of Defense of the Russian Federation, 111123, Moscow, Russia","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5011718785"],"corresponding_institution_ids":["https://openalex.org/I4210135186"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.21190993,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"55","issue":"8","first_page":"962","last_page":"969"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.822674036026001},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5632627606391907},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.5152094960212708},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.44553142786026},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.43116194009780884},{"id":"https://openalex.org/keywords/covert","display_name":"Covert","score":0.4165370464324951},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.2776678502559662},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.161513090133667}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.822674036026001},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5632627606391907},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.5152094960212708},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.44553142786026},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.43116194009780884},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.4165370464324951},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2776678502559662},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.161513090133667},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.3103/s0146411621080095","is_oa":false,"landing_page_url":"https://doi.org/10.3103/s0146411621080095","pdf_url":null,"source":{"id":"https://openalex.org/S17203304","display_name":"Automatic Control and Computer Sciences","issn_l":"0146-4116","issn":["0146-4116","1558-108X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320267","host_organization_name":"Pleiades Publishing","host_organization_lineage":["https://openalex.org/P4310320267","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Pleiades Publishing","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Automatic Control and Computer Sciences","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W44295252","https://openalex.org/W2023142437","https://openalex.org/W2099137371","https://openalex.org/W2290232896","https://openalex.org/W2784891679","https://openalex.org/W2789511255","https://openalex.org/W2897619937","https://openalex.org/W2994126126","https://openalex.org/W4233078193"],"related_works":["https://openalex.org/W2523525694","https://openalex.org/W2097492617","https://openalex.org/W2727423897","https://openalex.org/W2753240997","https://openalex.org/W2998642566","https://openalex.org/W2497612952","https://openalex.org/W2392682561","https://openalex.org/W57793151","https://openalex.org/W1764168690","https://openalex.org/W2537959205"],"abstract_inverted_index":{"An":[0,31],"approach":[1,99],"to":[2,66,79,100],"detect":[3,80],"covert":[4],"channels":[5],"(C2-channels)":[6],"based":[7],"on":[8,96],"the":[9,63,67,77],"DNS":[10,37],"protocol":[11],"is":[12,39,72],"considered.":[13],"It":[14],"involves":[15],"identifying":[16],"beacon":[17,54,83],"signals":[18,55],"or":[19],"certain":[20],"traffic":[21,38,103],"signatures,":[22],"which,":[23],"in":[24],"turn,":[25],"are":[26,60],"indicative":[27],"of":[28,33,35,53,91],"malware":[29],"activity.":[30],"analysis":[32],"samples":[34],"real":[36],"carried":[40],"out":[41],"followed":[42],"by":[43],"approximation":[44],"using":[45],"a":[46,81,97],"known":[47],"statistical":[48,98],"distribution.":[49],"The":[50,85],"time":[51],"parameters":[52],"sent":[56],"at":[57],"different":[58],"frequencies":[59],"modeled":[61],"and":[62],"optimal":[64],"(according":[65],"Neumann\u2013Pearson":[68],"criterion)":[69],"detection":[70,93],"threshold":[71,75],"determined.":[73],"This":[74],"minimizes":[76],"probability":[78],"false":[82],"signal.":[84],"results":[86],"allow":[87],"improving":[88],"preliminary":[89],"configuration":[90],"intrusion":[92],"systems":[94],"operating":[95],"analyze":[101],"network":[102],"parameters.":[104]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}