├── README.md
├── dns_tunnel_predict_xshell.py
├── dns_tunnel_train_model.py
├── requirements.txt
├── sample_data
    ├── labeled_black
    │   ├── dns2tcp_cmd.pcap.txt
    │   ├── dns2tcp_sendfile9.pcap.txt
    │   ├── dns2tcp_when_use_ssh.txt
    │   ├── dnscapy_scp.pcap.txt
    │   ├── dnscapy_scp2.pcap.txt
    │   ├── dnscat2_when_exec_command_rm_file.txt
    │   ├── dnscat2_when_idle.txt
    │   ├── download_dnscat2_file12.pcap.txt
    │   ├── download_dnscat2_file13.pcap.txt
    │   ├── download_dnscat2_file14.pcap.txt
    │   ├── iodine_direct_scp17_base128.pcap.txt
    │   ├── iodine_direct_scp3_base64.pcap.txt
    │   ├── iodine_direct_ssh4_base32.pcap.txt
    │   ├── iodine_direct_ssh6_base128.pcap.txt
    │   ├── iodine_direct_ssh6_base64.pcap.txt
    │   ├── iodine_direct_ssh6_base64u.pcap.txt
    │   ├── iodine_direct_ssh9_base32_again.pcap.txt
    │   ├── iodine_idle_direct_idle44.pcap.txt
    │   ├── nbtoo_dnscat_file7.pcap.txt
    │   ├── ozyman_idle.pcap.txt
    │   ├── ozyman_idle2.pcap.txt
    │   ├── ozyman_idle3.pcap.txt
    │   └── tcp-over-dns-idle.pcap.txt
    ├── labeled_cdn
    │   ├── 2017-8-2-0-ctripgslb.com.txt
    │   ├── 2017-8-2-0-dlgslb.com.txt
    │   ├── 2017-8-2-0-gosuncdn.com.txt
    │   ├── 2017-8-2-0-mccdnglb.com.txt
    │   ├── 2017-8-2-0-mmycdn.com.txt
    │   ├── 2017-8-2-0-ruisucdn.com.txt
    │   ├── 2017-8-2-0-spcdntip.com.txt
    │   ├── 2017-8-2-0-tcdnvod.com.txt
    │   └── 2017-8-2-8-tcdnvod.com.txt
    └── labeled_white
    │   ├── 2017-8-15-0-henanpeace.org.cn.txt
    │   ├── 2017-8-15-8-qichedaquan.com.txt
    │   ├── 2017-8-16-11-lse.ac.uk.txt
    │   ├── 2017-8-16-9-dicp.ac.cn.txt
    │   ├── 2017-8-2-0-365yg.com.txt
    │   └── 2017-8-2-0-bilibiligame.net.txt
└── xshell_data
    └── 2017-8-2-9-nylalobghyhirgh.com.txt


/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/README.md


--------------------------------------------------------------------------------
/dns_tunnel_predict_xshell.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/dns_tunnel_predict_xshell.py


--------------------------------------------------------------------------------
/dns_tunnel_train_model.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/dns_tunnel_train_model.py


--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/requirements.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dns2tcp_cmd.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dns2tcp_cmd.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dns2tcp_sendfile9.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dns2tcp_sendfile9.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dns2tcp_when_use_ssh.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dns2tcp_when_use_ssh.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dnscapy_scp.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dnscapy_scp.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dnscapy_scp2.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dnscapy_scp2.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dnscat2_when_exec_command_rm_file.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dnscat2_when_exec_command_rm_file.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/dnscat2_when_idle.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/dnscat2_when_idle.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/download_dnscat2_file12.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/download_dnscat2_file12.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/download_dnscat2_file13.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/download_dnscat2_file13.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/download_dnscat2_file14.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/download_dnscat2_file14.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_scp17_base128.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_scp17_base128.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_scp3_base64.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_scp3_base64.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_ssh4_base32.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_ssh4_base32.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_ssh6_base128.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_ssh6_base128.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_ssh6_base64.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_ssh6_base64.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_ssh6_base64u.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_ssh6_base64u.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_direct_ssh9_base32_again.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_direct_ssh9_base32_again.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/iodine_idle_direct_idle44.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/iodine_idle_direct_idle44.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/nbtoo_dnscat_file7.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/nbtoo_dnscat_file7.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/ozyman_idle.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/ozyman_idle.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/ozyman_idle2.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/ozyman_idle2.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/ozyman_idle3.pcap.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_black/ozyman_idle3.pcap.txt


--------------------------------------------------------------------------------
/sample_data/labeled_black/tcp-over-dns-idle.pcap.txt:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-ctripgslb.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-ctripgslb.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-dlgslb.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-dlgslb.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-gosuncdn.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-gosuncdn.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-mccdnglb.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-mccdnglb.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-mmycdn.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-mmycdn.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-ruisucdn.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-ruisucdn.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-spcdntip.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-spcdntip.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-0-tcdnvod.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-0-tcdnvod.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_cdn/2017-8-2-8-tcdnvod.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_cdn/2017-8-2-8-tcdnvod.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_white/2017-8-15-0-henanpeace.org.cn.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_white/2017-8-15-0-henanpeace.org.cn.txt


--------------------------------------------------------------------------------
/sample_data/labeled_white/2017-8-15-8-qichedaquan.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_white/2017-8-15-8-qichedaquan.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_white/2017-8-16-11-lse.ac.uk.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_white/2017-8-16-11-lse.ac.uk.txt


--------------------------------------------------------------------------------
/sample_data/labeled_white/2017-8-16-9-dicp.ac.cn.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_white/2017-8-16-9-dicp.ac.cn.txt


--------------------------------------------------------------------------------
/sample_data/labeled_white/2017-8-2-0-365yg.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_white/2017-8-2-0-365yg.com.txt


--------------------------------------------------------------------------------
/sample_data/labeled_white/2017-8-2-0-bilibiligame.net.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/sample_data/labeled_white/2017-8-2-0-bilibiligame.net.txt


--------------------------------------------------------------------------------
/xshell_data/2017-8-2-9-nylalobghyhirgh.com.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/BoneLee/dns_tunnel_dectect_with_CNN/HEAD/xshell_data/2017-8-2-9-nylalobghyhirgh.com.txt


--------------------------------------------------------------------------------