Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers
نویسندگان
چکیده
منابع مشابه
Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers
The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recur...
متن کاملFederated Domain Name Service Using DNS Metazones
Authority zones in the Domain Name System must be declared to have one or more authoritative name servers, usually consisting of one primary name server and several secondary name servers. These name servers are expected to synchronize zone data using DNS’s zone transfer protocols, but the configuration of these synchronization relationships depends upon out of band information and manual proce...
متن کاملDoes Your DNS Recursion Really Time Out as Intended? A Timeout Vulnerability of DNS Recursive Servers
Parallelization is featured by DNS recursive servers to do time-consuming recursions on behalf on clients. As common DNS configurations, recursive servers should allow a reasonable timeout for each recursion which may take as long as several seconds. However, it is proposed in this paper that recursion parallelization may be exploited by attackers to compromise the recursion timeout mechanism f...
متن کاملAnomaly detection of domain name system (DNS) query traffic at top level domain servers
Major network events can be reflected on domain name system (DNS) traffic at the top level server on the DNS hierarchical structure. This paper pursues a novel approach to detect the DNS traffic anomaly of 5.19 events in China at CN top level domain server using covariance analysis. We normalize, expand and average the covariance changes for different length of time slice to enhance the robustn...
متن کاملDetecting DDoS Attacks Against DNS Servers Using Time Series Analysis
Domain Name System (DNS) Service is the basic support of Internet, which security plays a vital role in the entire Internet. Because DNS requests and responses are mostly UDP-based, and the existing large numbers of open recursive DNS servers, it is vulnerable to distributed denial of services (DDoS) attacks. Through the analysis of several aspects of these attacks, a novel approach to detect D...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Sensors
سال: 2016
ISSN: 1424-8220
DOI: 10.3390/s16081311