Assessing the Real-World Dynamics of DNS
نویسندگان
چکیده
The DNS infrastructure is a key component of the Internet and is thus used by a multitude of services, both legitimate and malicious. Recently, several works demonstrated that malicious DNS activity usually exhibits observable dynamics that may be exploited for detection and mitigation. Clearly, reliable differentiation requires legitimate activity to not show these dynamics. In this paper, we show that this is often not the case, and propose a set of DNS stability metrics that help to efficiently categorize the DNS activity of a diverse set of Internet sites.
منابع مشابه
Evaluation of Recirculation Time in Bubble Train Flow by Using Direct Numerical Simulation
In this research, hydrodynamics of the Bubble Train Flows (BTF) in circular capillaries has been investigated by Direct Numerical Simulation (DNS).The Volume of Fluid Based (VOF) interface tracking method and streamwise direction periodic boundary conditions has been applied. The results show that there exists an appropriate agreement between DNS and experimental correlation results. The re...
متن کاملDetecting Active Bot Networks Based on DNS Traffic Analysis
Abstract—One of the serious threats to cyberspace is the Bot networks or Botnets. Bots are malicious software that acts as a network and allows hackers to remotely manage and control infected computer victims. Given the fact that DNS is one of the most common protocols in the network and is essential for the proper functioning of the network, it is very useful for monitoring, detecting and redu...
متن کاملRecursive DNS Architectures and Vulnerability Implications
DNS implementers face numerous choices in architecting DNS resolvers, each with profound implications for security. Absent the use of DNSSEC, there are numerous interim techniques to improve DNS forgery resistance. We explore how different resolver architectures can affect the risk of DNS poisoning. The contributions of this work include: (A) We create a comprehensive, accurate model of DNS poi...
متن کاملDNS-sly: Avoiding Censorship through Network Complexity
We design DNS-sly, a counter-censorship system which enables a covert channel between a DNS client and server. To achieve covertness and deniability in the upstream direction, DNS-sly applies user personalization, adapting to individual behaviors. In the downstream direction, it utilizes CDN-related DNS responses to embed data, while retaining statistical covertness. We show DNS-sly achieves do...
متن کاملInflation Dynamics in a Dutch Disease Economy
Abstract In this paper, the effect of foreign sector macro-variable on inflation dynamics and firms’ pricing behavior has been investigated in the context of a small open economy New Keynesian Phillips Curve. This curve is derived and estimated for a developing oil-exporting economy suffering from Dutch Disease. This version of NKPC is an extension of Leith and Malley’s (2007) small open econom...
متن کامل