Demo Abstract: A Tool to Detect and Visualize Malicious DNS Queries for Enterprise Networks.

This demo presents our web-tool to access and visualize real-time detection of malicious DNS queries for an enterprise network of a large university campus in Sydney, Australia. We showcase two aspects: (1) how to access and process our open data-set containing more than one million DNS queries pertaining to data exfiltration we generated in our campus network, enabling insights into the attributes of such malicious queries; and (2) visualizing our real-time learning-based detection engine operational on 10 Gbps traffic streams from the network border of the university campus.