DNS tunnels are built by proper tools that allow embedding data on DNS queries and responses. Each tool has its own strategies that affect the network performance in a unique way. In this article, we propose an architectural analysis of the current state-of-the-art of DNS tunneling tools. Then, we provide a comparative evaluation of such tools in term of performance, as a first step towards the possibility to relate each tool with a specific pattern of the DNS traffic. To this aim, we define an assessment of the tools in three different network configurations based on three performance metrics. We finally analyse the testing results and provide a first characterization of the performance of each tool.
Performance assessment and analysis of DNS tunneling tools
M Aiello;G Papaleo
2012
Abstract
DNS tunnels are built by proper tools that allow embedding data on DNS queries and responses. Each tool has its own strategies that affect the network performance in a unique way. In this article, we propose an architectural analysis of the current state-of-the-art of DNS tunneling tools. Then, we provide a comparative evaluation of such tools in term of performance, as a first step towards the possibility to relate each tool with a specific pattern of the DNS traffic. To this aim, we define an assessment of the tools in three different network configurations based on three performance metrics. We finally analyse the testing results and provide a first characterization of the performance of each tool.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
