Passive monitoring of DNS anomalies - (Extended abstract)

被引:0
|
作者
Zdrnja, Bojan [1 ]
Brownlee, Nevil [1 ]
Wessels, Duane [2 ]
机构
[1] Univ Auckland, Auckland, New Zealand
[2] Measurement Factory Inc, Boulder, CO USA
来源
DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, PROCEEDINGS | 2007年 / 4579卷
关键词
D O I
暂无
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
We collected DNS responses at the University of Auckland Internet gateway in an SQL database, and analyzed them to detect unusual behaviour. Our DNS response data have included typo squatter domains, fast flux domains and domains being (ab)used by spammers. We observe that current attempts to reduce spam have greatly increased the number of A records being resolved. We also observe that the data locality of DNS requests diminishes because of domains advertised in spam.
引用
收藏
页码:129 / +
页数:3
相关论文
共 50 条
  • [21] DNS of passive scalars in turbulent pipe flow
    Pirozzoli, Sergio
    Romero, Joshua
    Fatica, Massimiliano
    Verzicco, Roberto
    Orlandi, Paolo
    JOURNAL OF FLUID MECHANICS, 2022, 940
  • [22] DNS of passive scalars in turbulent pipe flow
    Pirozzoli S.
    Romero J.
    Fatica M.
    Verzicco R.
    Orlandi P.
    Journal of Fluid Mechanics, 2022, 940
  • [23] Actively boosting network security with passive DNS
    Liu C.
    Network Security, 2016, 2016 (05): : 18 - 20
  • [24] Detection of DNS Anomalies using Flow Data Analysis
    Karasaridis, Anestis
    Meier-Hellstern, Kathleen
    Hoeflin, David
    GLOBECOM 2006 - 2006 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, 2006,
  • [25] Visual Detection of Anomalies in DNS Query Log Data
    Shan, Guihua
    Wang, Yang
    Xie, Maojin
    Lv, Haopu
    Chi, Xuebin
    2014 IEEE PACIFIC VISUALIZATION SYMPOSIUM (PACIFICVIS), 2014, : 258 - 261
  • [26] Extended Abstract: MedSN System for In-Home Patient Monitoring: Architecture, Privacy and Security
    Kuryloski, Philip
    Pai, Sameer
    Wicker, Stephen
    Xue, Yuan
    2007 JOINT WORKSHOP ON HIGH CONFIDENCE MEDICAL DEVICES, SOFTWARE AND SYSTEMS AND MEDICAL DEVICE PLUG-AND PLAY INTEROPERABILITY, 2007, : 189 - +
  • [27] Extended Abstract: Monitoring-based Thermal Management for Mixed-Criticality Systems
    Mettler, Marcel
    Rapp, Martin
    Khdr, Heba
    Mueller-Gritschneder, Daniel
    Henkel, Joerg
    Schlichtmann, Ulf
    2023 DESIGN, AUTOMATION & TEST IN EUROPE CONFERENCE & EXHIBITION, DATE, 2023,
  • [28] Separating Identifier from Locator with Extended DNS
    Wang, Jessie Hui
    Wang, Yang
    Xu, Mingwei
    Yang, Jiahai
    2012 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC), 2012,
  • [29] Rationalisation of Profiles of Abstract Argumentation Frameworks: Extended Abstract
    Airiau, Stephane
    Bonzon, Elise
    Endriss, Ulle
    Maudet, Nicolas
    Rossit, Julien
    PROCEEDINGS OF THE TWENTY-SIXTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2017, : 4776 - 4780
  • [30] Cellular ANTomata (Extended abstract)
    Rosenberg, Arnold L.
    PARALLEL AND DISTRIBUTED PROCESSING AND APPLICATIONS, PROCEEDINGS, 2007, 4742 : 78 - 90
12345