Passive monitoring of DNS anomalies - (Extended abstract)

Cited by: 0
Authors
Zdrnja, Bojan [1]
Brownlee, Nevil [1]
Wessels, Duane [2]
Affiliations
[1] Univ Auckland, Auckland, New Zealand
[2] Measurement Factory Inc, Boulder, CO USA
Keywords
DOI
Not available
Chinese Library Classification
TP31 [Computer software];
Discipline classification codes
081202; 0835;
Abstract
We collected DNS responses at the University of Auckland Internet gateway in an SQL database, and analyzed them to detect unusual behaviour. Our DNS response data have included typo squatter domains, fast flux domains and domains being (ab)used by spammers. We observe that current attempts to reduce spam have greatly increased the number of A records being resolved. We also observe that the data locality of DNS requests diminishes because of domains advertised in spam.
Pages: 129 / +
Number of pages: 3