Paper Title
DNS Filtering System with Threat Intelligence and Machine Learning for Enhanced Security
Abstract
The Domain Name System (DNS) has emerged as a significant focus of contemporary cyberattacks, such as malware command-and-control communication, phishing, domain generation algorithms (DGAs), and DNS tunneling. Conventional DNS security systems typically depend on single-layer detection strategies and do not support encrypted DNS protocols such as DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT). This paper presents a multi-layered, integrated DNS filtering framework that combines blacklist and whitelist filtering, real-time threat intelligence feeds via STIX/TAXII, AI/ML-based domain analysis, and DNS tunneling detection. The proposed system will support DNS-over-HTTPS, active and passive DNS analysis, and a real-time monitoring dashboard, so that the solution is scalable, efficient, and suitable for real-time deployment.
Keywords - DNS Security, Threat Intelligence, Machine Learning, DNS Tunneling, DoH, DGA Detection