DNS hasn’t changed all that much since Paul Mockapetris invented it in 1983. According to Dan Kaminsky, the famous DNS security researcher, DNS can be thought of as a globally deployed routing and caching overlay network that connects both public and private Internet, which raises serious questions: Is it sufficiently secure? Is it vulnerable to data breaches?
The answer is that DNS can be abused in all sorts of unconventional ways that make it the perfect back door for hackers seeking to steal sensitive data. DNS is frequently used as a pathway for data exfiltration, because it is not inspected by common security controls.
This paper lays out the tactics hackers use to exploit DNS for purposes of DNS tunneling and data exfiltration. It also introduces new and patented technology which uses machine learning and performs real-time analytics on live DNS queries to detect and automatically block DNS tunneling and data exfiltration.