Large Scale DNS Analysis
Abstract
In this paper we present an architecture for large-scale DNS monitoring. The analysis of DNS traffic is becoming critically important, as it allows monitoring of the main part of the interactions on the Internet. DNS traffic can reveal anomalies such as worm-infected hosts, botnets, or hosts participating in spam. The efficiency and speed of detecting such anomalies depend on the capacity of the DNS monitoring system to quickly process huge quantities of data. We propose a system that leverages distributed processing and storage facilities.
Similar resources
Detecting Active Bot Networks Based on DNS Traffic Analysis
Abstract—One of the serious threats to cyberspace is the Bot networks or Botnets. Bots are malicious software that acts as a network and allows hackers to remotely manage and control infected computer victims. Given the fact that DNS is one of the most common protocols in the network and is essential for the proper functioning of the network, it is very useful for monitoring, detecting and redu...
PsyBoG: A scalable botnet detection method for large-scale DNS traffic
Domain Name System (DNS) traffic has become a rich source of information from a security perspective. However, the volume of DNS traffic has been skyrocketing, such that security analyzers experience difficulties in collecting, retrieving, and analyzing the DNS traffic in response to modern Internet threats. More precisely, much of the research relating to DNS has been negatively affected by th...
Accurate DNS query characteristics estimation via active probing
As the hidden backbone of today's Internet, the Domain Name System (DNS) provides name resolution service for almost every networked application. To exploit the rich DNS query information for traffic engineering or user behavior analysis, both passive capturing and active probing techniques have been proposed in recent years. Despite its full visibility of DNS behaviors, the passive capturing t...
The Role of Direct Numerical Simulations in Validation and Verification
The role of direct numerical simulations (DNS) of multiphase flows, where all continuum length and time scales are fully resolved, in validation and verification of models for the average flow, is discussed. Although DNS are usually limited to relatively small problems and are generally impractical for predictions of full-scale multiphase systems, DNS offer unprecedented data and insight. Indee...
DNS analysis of a Re = 40,000 swirl burner
A premixed turbulent combustion Direct Numerical Simulation (DNS) database of a swirl burner is analyzed from three angles: estimation of the three-dimensional flame surface from two-dimensional fields; modeling of subgrid source and flux terms entering the balance equation for the reaction progress variable in Large Eddy Simulation (LES); and modeling of the subgrid-scale scalar variance in LE...