DNS exfiltration guided by generative adversarial networks
A novel DNS exfiltration attack using GANs evades detection and speeds up data theft.
Today, DNS exfiltration attacks are detected by checking for anomalies in the traffic, such as unusually high transmission rates to a single domain and/or DNS query patterns that differ markedly from those of benign queries. While such approaches are seemingly robust, we show in this paper that our carefully designed and novel DNS exfiltration attack, Dolos, which uses a generative adversarial network (GAN), can guide the encoding of sensitive data in a manner that both evades these detectors and significantly speeds up the exfiltration rate compared to prior methods. At its core, Dolos divides the exfiltration data into smaller chunks and projects each chunk into a representation that closely resembles benign queries. In addition, Dolos adaptively tunes its exfiltration rate to conform with the benign DNS traffic of the compromised host, and introduces appropriate levels of spurious traffic to reduce entropy.
Importantly, Dolos evades machine learning (ML) based detectors with no prior knowledge of their architectures or training sets (i.e., it is a black-box exfiltration). We perform extensive evaluations using multiple datasets and also have a real implementation of Dolos. Our evaluations show that Dolos has a 12% detection probability even if 6 out of the 9 state-of-the-art defenses that we consider are jointly used to detect exfiltration; if any of today's baseline exfiltration techniques try to achieve the same rate as Dolos in this setting, they are almost surely detected. If we reduce the rates of the baselines to achieve a detection probability that is still low, albeit slightly higher than that of Dolos (0.15), we see that they take 25x longer to complete the exfiltration. With the other three defenses, we find that the baselines are almost surely detected while Dolos remains relatively unaffected regardless of the rate of exfiltration.
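The two anomaly signals the abstract names (a high query rate to a single registered domain, and query labels whose content differs from benign names, here measured as character entropy) can be illustrated with a small detector run over a constructed query log. This is an added example, not code from the paper or from Dolos; the log entries, the placeholder domain `exfil-example.test`, the window and the thresholds are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

HEX = "0123456789abcdef"
# Constructed DNS query log: (seconds, client, qname). Four ordinary lookups,
# then a burst of 32-char hex labels (each uses every hex symbol twice) to one
# placeholder domain, mimicking chunked data carried in subdomain labels.
SAMPLE_QUERIES = [(0.0, "10.0.0.5", "www.example.com"),
                  (1.2, "10.0.0.5", "mail.example.com"),
                  (2.5, "10.0.0.5", "cdn.example.org"),
                  (3.0, "10.0.0.5", "api.example.net")] + [
    (4.0 + 0.05 * i, "10.0.0.5",
     (HEX[i % 16:] + HEX[:i % 16]) * 2 + ".exfil-example.test")
    for i in range(40)]

def registered_domain(qname):
    """Crude eTLD+1: last two labels (no public suffix list in this example)."""
    return ".".join(qname.rstrip(".").split(".")[-2:])

def label_entropy(qname):
    """Shannon entropy (bits/char) of all labels left of the registered domain."""
    text = "".join(qname.rstrip(".").split(".")[:-2])
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values()) if n else 0.0

def score_queries(queries, window_s=10.0, rate_threshold=20, entropy_threshold=3.5):
    """Return {domain: [reasons]} for domains with a query burst or high-entropy labels."""
    by_domain = defaultdict(list)
    for ts, _client, qname in queries:
        by_domain[registered_domain(qname)].append((ts, qname))
    findings = {}
    for domain, items in by_domain.items():
        reasons = []
        times = sorted(ts for ts, _ in items)
        lo, peak = 0, 0  # sliding window: most queries inside any window_s span
        for hi in range(len(times)):
            while times[hi] - times[lo] > window_s:
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak > rate_threshold:
            reasons.append(f"rate:{peak}/{window_s:g}s")
        mean_entropy = sum(label_entropy(q) for _, q in items) / len(items)
        if mean_entropy > entropy_threshold:
            reasons.append(f"entropy:{mean_entropy:.2f}")
        if reasons:
            findings[domain] = reasons
    return findings
```

Both signals fire on the constructed burst and neither on the benign lookups; an attack that spreads chunks over time and lowers label entropy, as the abstract describes, is aimed at exactly these thresholds.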