This repo demonstrates the performance of various types of classifiers from the scikit-learn and xbgoost Python libraries, applied to the problem of detecting exfiltration in DNS requests. The datasets used are available here.
For usage examples, please see the model_comparison.ipynb notebook.
For details on working with the datasets, please consult the docstrings
in exfiltration_dataset.py and exfiltration_classifier.py.