VISUALIZING DNS QUERY ENTROPY VIA A DENSITY GRAPH (DNS - PART 5)

Hi! I recently discussed the use of entropy in relation to DNS queries and the benefits of calculating it. I will continue to present ways to visualize the entropy of DNS queries, this time using the concept of density.

THE ART OF WAR (PART 3)

Hi! The Art of War by Sun Tzu is surprisingly well-suited to cybersecurity, not because networks resemble battlefields literally, but because the underlying logic of conflict, deception, and asymmetric advantage maps cleanly onto modern digital environments. In a previous article, I indicated that cybersecurity principles could be applied to the concepts discussed in the 13 chapters.

THE ART OF WAR (PART 2)

Hi! In my previous post, I mentioned that “The Art of War” was taught at the military level. Here’s what my recent research indicates on the subject.

THE ART OF WAR (PART 1)

Hi! In upcoming blog posts, we’ll be discussing two books that anyone working in cybersecurity should read.

VISUALIZING DNS QUERY ENTROPY VIA A SCATTERPLOT GRAPH (DNS - PART 4)

Hi! I recently discussed the use of entropy in relation to DNS queries and the benefits of calculating it.

CALCULATING ENTROPY OF QUERIES (DNS - PART 3)

Hi! Calculating DNS query entropy is an advanced cybersecurity technique to detect malicious activity that would go undetected with traditional filtering methods.

USING THE 'TRANCO' LIST (DNS - PART 2)

Hi! What is Tranco? (https://tranco-list.eu/) Tranco is a high-quality, research-oriented list of the top one million websites. It was created by academic researchers to solve the reliability issues found in older, commercial rankings like Alexa or Cisco Umbrella.

LET'S TALK A LITTLE ABOUT 'DOMAIN NAME SYSTEM' (DNS - PART 1)

Hi! If there’s one network protocol I find fascinating, not just because of the possibilities it offers in terms of attack and defense capabilities, it’s DNS.

USE ZEEK TO MONITOR CONNECTIONS TO SPECIFIC COUNTRIES

Hi! I have spoken about “Zeek” many times in the past. One of its strengths (if not one of the most interesting in my opinion) is its scripting language, which allows it to be programmed to perform the tasks one wants. Let’s imagine we want to identify all network connections to and from “friendly” countries. Since I don’t want to ostracize anyone, I’m going to include everyone in a somewhat mixed group. What interests me most is seeing who, from my information assets, initiates outbound communications to the “trusted relationships” mentioned above. Please note, and I repeat, I have deliberately included both the “not-so-bright” ones, as a friend would say, and those considered more trustworthy.

WEBSITE REDESIGN

Hi! I will gradually reorganize the naming and presentation of the various graphs available on this web server. The reason is that the more I add, the harder it is to find your way around.