Deep Lookup - Deep Learning for Domain Name System
Project description
Deep Lookup - Deep Learning for Domain Name System
Installation
Installation Using PyPi
pip install deeplookup
Using DeepLookup
DeepLookup provides a Resolver
instance that inhertits dns.resolver.Resolver
from deeplookup import Resolver
resolver = Resolver()
for ip in resolver.resolve("google.com", "A"):
print(f"ip: {ip.to_text()}")
The code above, performs a veficiation of a queried name using a nerual network trained to detect malicious queries (DGAs and tunnels). For the example above the output will look like following:
ip: 142.250.184.206
When the queried name is generated using domain generation algorith, the resolver throws
dns.resolver.NXDOMAIN
without even accessing a remote nameserver.
for ip in resolver.resolve("mjewnjixnjaa.com", "A"):
print(f"ip: {ip.to_text()}")
The output of the example above will throw the following error:
dns.resolver.NXDOMAIN: The DNS query name does not exist: mjewnjixnjaa.com.
Publications
- Bubnov Y., Ivanov N. (2020) Text analysis of DNS queries for data exfiltration protection of computer networks, Informatics, 3, 78-86.
- Bubnov Y., Ivanov N. (2020) Hidden Markov model for malicious hosts detection in a computer network, Journal of BSU. Mathematics and Informatics, 3, 73-79.
- Bubnov Y., Ivanov N. (2021) DGA domain detection and botnet prevention using Q-learning for POMDP, Doklady BGUIR, 2, 91-99.
Datasets
- Bubnov Y. (2019) DNS Tunneling Queries for Binary Classification, Mendeley Data, v1.
- Zago M., Perez. M.G., Perez G.M. (2020) UMUDGA - University of Murcia Domain Generation Algorithm Dataset, Mendeley Data, v1.
- Bybnov Y. (2021) DGTA-BENCH - Domain Generation and Tunneling Algorithms for Benchmark, Mendeley Data, v1.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
No source distribution files available for this release.See tutorial on generating distribution archives.
Built Distribution
deeplookup-0.1.0-py3-none-any.whl
(11.5 MB
view hashes)
Close
Hashes for deeplookup-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4124fb869e49627635478a2e9e206354a27f126d23771df4121563d6776b77dd |
|
MD5 | c17e0da6d8effc4168a5d4ce9bfee9f6 |
|
BLAKE2b-256 | 5affe03f5661083831be52ec19266d188034e7377437d45e32114cc6541b119b |