R. Alshammari and A. Zincir-heywood, Machine learning based encrypted traffic classification: Identifying SSH and Skype, Proceedings of the IEEE Symposium on Computational Intelligence in Security and Defense Applications, 2009.

R. Alshammari and A. Zincir-heywood, Can encrypted traffic be identified without port numbers, IP addresses and payload inspection? Computer Networks, vol.55, pp.1326-1350, 2011.

L. Bernaille and R. Teixeira, Early recognition of encrypted applications, Proceedings of the Eighth International Conference on Passive and Active Network Measurement, pp.165-175, 2007.
URL : https://hal.archives-ouvertes.fr/hal-01097556

D. Bonfiglio, M. Mellia, M. Meo, D. Rossi, and P. Tofanelli, Revealing Skype traffic: When randomness plays with you, vol.37, pp.37-48, 2007.

K. Born, PSUDP: A passive approach to network-wide covert communications, presented at Black Hat USA, 2010.

K. Born and D. Gustafson, Detecting DNS tunnels using character frequency analysis, Proceedings of the Ninth Annual Security Conference, 2010.

M. Crotti, M. Dusi, F. Gringoli, and L. Salgarelli, Detecting HTTP tunnels with statistical mechanisms, Proceedings of the IEEE International Conference on Communications, pp.6162-6168, 2007.

S. Davidoff and J. Ham, Network Forensics: Tracking Hackers through Cyberspace, Pearson Education, 2012.

C. Dietrich, C. Rossow, F. Freiling, H. Bos, M. Van-steen et al., On botnets that use DNS for command and control, Proceedings of the Seventh European Conference on Computer Network Defense, pp.9-16, 2011.

M. Dusi, M. Crotti, F. Gringoli, and L. Salgarelli, Detection of encrypted tunnels across network boundaries, Proceedings of the IEEE International Conference on Communications, pp.1738-1744, 2008.

M. Dusi, M. Crotti, F. Gringoli, and L. Salgarelli, Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting, Computer Networks, vol.53, issue.1, pp.81-97, 2009.

E. Ekman and B. Andersson, Iodine Tunneling Protocol Documentation v502 (github.com/yarrick/iodine), 2014.

G. Farnham, Detecting DNS Tunneling, 2013.

N. Hands, B. Yang, and R. Hansen, A study on botnets utilizing DNS, Proceedings of the Fourth Annual ACM Conference on Research in Information Technology, pp.23-28, 2015.

E. Hjelmvik and W. John, Breaking and Improving Protocol Obfuscation, 2010.

I. Homem, TunnelStatsTests (github.com/irvinhomem/Tunnel StatsTests), 2016.

M. Mandiant, Annual Threat Report: Beyond the Breach, 2014.

O. Opendns and . Security-talk, The Role of DNS in Botnet Command and Control, 2011.

O. Santos, Network Security with NetFlow and IPFIX: Big Data Analytics for Information Security, 2016.

D. Song, D. Wagner, and X. Tian, Timing analysis of keystrokes and timing attacks on SSH, Proceedings of the Tenth USENIX Security Symposium, 2001.

M. Stevanovic, J. Pedersen, A. D'alconzo, S. Ruehrup, and A. Berger, On the ground truth problem of malicious DNS traffic analysis, Computers and Security, vol.55, pp.142-158, 2015.

I. Valenzuela, Game Changer: Identifying and defending against data exfiltration attempts, presented at the SANS Cyber Defense Summit, 2015.

K. Xu, P. Butler, S. Saha, and D. Yao, DNS for massive-scale command and control, IEEE Transactions on Dependable and Secure Computing, vol.10, issue.3, pp.143-153, 2013.