DNS Firewall Based on Machine Learning

Nowadays there are many DNS firewall solutions to prevent users accessing malicious domains. These can provide real-time protection and block illegitimate communications, contributing the cybersecurity posture of organizations. Most these based on known domain lists that being constantly updated. However, in this way, it is only possible communications for domains, leaving out others but have not yet been updated blocklists. This work provides a study implement solution ML so improve detection requests fly. For purpose, dataset with 34 features 90 k records was created real logs. The data were enriched using OSINT sources. Exploratory analysis preparation steps carried out, final submitted different Supervised algorithms accurately quickly classify if request or not. results show able benign domains accuracy rates between 89% 96%, classification time 0.01 3.37 s. contributions twofold. In terms research, made public methodology be used by other researchers. solution, baseline an band firewall.