OARC 44 (Atlanta, Georgia, USA)

Name: OARC 44 (Atlanta, Georgia, USA)
Start: 2025-02-06T09:00:00-05:00
End: 2025-02-07T17:05:00-05:00
Location: Atlanta Marriott Marquis

6–7 Feb 2025

Atlanta Marriott Marquis

America/New_York timezone

OARC Meeting Admin

Pink-Lemur - Convolutional Neural Network (CNN) DNS Tunneling Detection

7 Feb 2025, 11:55

25m

Imperial Salon B ( Atlanta Marriott Marquis)

Imperial Salon B

Atlanta Marriott Marquis

265 Peachtree Center Ave NE Atlanta GA 30303 United States

In-Person Standard Presentation Main Session OARC 44 Day 2

David Rodriguez (Cisco Systems)Dr Dejan Donin (Cisco)

Pink-Lemur is a convolutional neural network trained to identify string encodings associated with data-exfiltration techniques in DNS. Using a character embedding table, and bottleneck convolutional architecture, we achieve an efficient and accurate technique to distinguish exfiltration and domain name labels that are prevalent in DNS. In addition to low false-positive requirements, fast and scalable performance is required. Using a custom tensor library developed in C, we translate PyTorch models into models that can run at the edge in DNS resolvers and classify traffic in realtime. We discuss implementation challenges that were overcome and discuss performance results of implementing this algorithm on a resolver host.

Talk duration	20 Minutes (+5 for Q&A)

David Rodriguez (Cisco Systems)

Ms Andrea Kaiser (Cisco Systems) Brian Somers (OpenDNS/Cisco)

OARC44-pink-lemur-2.pdf

OARC 44 (Atlanta, Georgia, USA)

OARC Meeting Admin

Pink-Lemur - Convolutional Neural Network (CNN) DNS Tunneling Detection

Imperial Salon B

Atlanta Marriott Marquis

Speakers

Description

Primary author

Co-authors

Presentation materials

Choose timezone

OARC 44 (Atlanta, Georgia, USA)

OARC Meeting Admin

Speakers

Description

Primary author

Co-authors

Presentation materials