DNS based entropy and forensic analysis on the PCs for learners in a university (Information and Communication Management)
Abstract
We performed an entropy study on the DNS query traffic from outside a university campus network to the top domain DNS server, for reverse-resolution queries about the PCs for learners, from January 1st, 2007 to February 29th, 2008. The following interesting results were obtained: (1) The total DNS query traffic changes in a mild manner until January 16th, 2008; however, it changes drastically after January 17th, 2008. (2) On January 17th, 2008, the DNS query traffic is mainly dominated by several specific IP addresses as query keywords. (3) We carried out forensic analysis on the PCs for learners whose IP addresses were found among those specific keywords, and concluded that the PCs become spam bots when USB based key disk storage is inserted.
- Paper of the Institute of Electronics, Information and Communication Engineers (IEICE)
- 2008-05-01
Authors
-
Musashi Yasuo
Kumamoto Univ.
-
Musashi Yasuo
Graduate School Of Science And Technology Kumamoto University
-
Kubota Shinichiro
Center For Multimedia And Information Technologies Kumamoto University
-
Sugitani Kenichi
Center For Multimedia And Information Technologies Kumamoto University
-
Sugitani Kenichi
Graduate School Of Science And Technology Kumamoto University
-
Ludena Romana
Graduate School Of Science And Technology Kumamoto University
-
KUBOTA Shinichiro
Graduate School of Science and Technology, Kumamoto University
-
Sugitani Kenichi
Center For Multimedia And Information Technologies (cmit) Kumamoto University
-
Kubota Shinichiro
Graduate School Of Science And Technology Kumamoto University
-
LUDENA ROMANA
Graduate School of Science and Technology, Kumamoto University
Related papers
- Entropy study on A resource record DNS query traffic from the campus network (Technology and Society, Ethics)
- Entropy study on A resource record DNS query traffic from the campus network (Internet Architecture)
- Entropy study on A resource record DNS query traffic from the campus network (Internet and Operation Technology)
- Detection of NS resource record DNS resolution traffic, host search, and SSH dictionary attack activities (Information and Communication Management)
- Detection of DNS cache poisoning attack in DNS standard resolution traffic (Information and Communication Management)
- Threats of unusual DNS query traffic from NIS clients (Distributed Systems / Internet Operation Technology)
- Threats of unusual DNS query traffic from NIS clients (Telecommunication Management)
- Workaround for Welchia and Sasser Internet Worms in Kumamoto University
- Statistical Analysis in Log Files of Electronic-Mail Server and Domain Name System Server. SPAM Mail Generates Many DNS Query Packets
- Traffic Analysis on a Domain Name System Server. SMTP Access Generates Many Name-Resolving Packets to a Greater Extent than Does POP3 Access
- DNS based entropy and forensic analysis on the PCs for learners in a university (Information and Communication Management)
- DNS based entropy and forensic analysis on the PCs for learners in a university (Internet and Operation Technology)
- Detection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks
- DNS ANY Request Cannon in Total Inbound ANY Resource Record DNS Query Request Packet Traffic