Entropy study on A resource record DNS query traffic from the campus network (インターネットアーキテクチャ)
スポンサーリンク
概要
- 論文の詳細を見る
侵入遮断・検知システムにおいて、誤検知は完全にはなくすことができない。つまり、シグネチャマッチングにほんの少しの誤りが含まれていても、システム自身の検知率に関する性能の劣化はほとんど無い。ところが、この許容できる誤りを許すことで、シグネチャマッチングの速度に関する性能を大幅に引き上げられる可能性がある。本論文では、誤りの発生を許容する代わりに文字列探索を高速に行う手法を提案する。厳密な探索ではないが処理が高速なアルゴリズムを多重化させて、誤りを運用上許容できる程度にまで減らす。この手法を用いることで、IDSのシグネチャマッチングを高速化できる。
- 社団法人電子情報通信学会の論文
- 2009-02-26
著者
-
Roman Dennis
Graduate School Of Science And Technology Kumamoto University
-
TAKEMORI KAZUYA
Faculty of Engineering, Kumamoto University
-
Kong Wei
Graduate School of Science and Technology, Kumamoto University
-
KUBOTA SHINICHIRO
Center for Multimedia and Information Technologies, Kumamoto University
-
SUGITANI KENICHI
Center for Multimedia and Information Technologies, Kumamoto University
-
MUSASHI YASUO
Center for Multimedia and Information Technologies, Kumamoto University
-
Kong Wei
Graduate School Of Science And Technology Kumamoto University
-
Musashi Yasuo
Kumamoto Univ.
-
Musashi Yasuo
Graduate School Of Science And Technology Kumamoto University
-
Musashi Yasuo
Center For Multimedia And Information Technologies Kumamoto University
-
Takemori Kazuya
Faculty Of Engineering Kumamoto University
-
Kubota Shinichiro
Center For Multimedia And Information Technologies Kumamoto University
-
Sugitani Kenichi
Center For Multimedia And Information Technologies Kumamoto University
-
Romana Dennis
Graduate School Of Science And Technology Kumamoto University
-
Musashi Yasuo
Center For Multimedia And Information Technologies (cmit) Kumamoto University
-
Kubota Shinichiro
Center For Multimedia And Information Technologies (cmit) Kumamoto University
-
Sugitani Kenichi
Center For Multimedia And Information Technologies (cmit) Kumamoto University
関連論文
- Entropy study on A resource record DNS query traffic from the campus network (技術と社会・倫理)
- Entropy study on A resource record DNS query traffic from the campus network (インターネットアーキテクチャ)
- Entropy study on A resource record DNS query traffic from the campus network (インターネットと運用技術)
- Detection of NS resource record DNS resolution traffic, host search, and SSH dictionary attack activities (情報通信マネジメント)
- Detection of DNS cache poisoning attack in DNS standard resolution traffic (情報通信マネジメント)
- Threats of unusual DNS query traffic from NIS clients (分散システム/インターネット運用技術)
- Threats of unusual DNS query traffic from NIS clients (テレコミュニケーションマネジメント)
- Workaround for Welchia and Sasser Internet Worms in Kumamoto University
- Statistical Analysis in Log Files of Electronic-Mail Server and Domain Name System Server. SPAM Mail Generates Many DNS Query Packets
- Traffic Analysis on a Domain Name System Server. SMTP Access Generates Many Name-Resolving Packets to a Greater Extent than Does POP3 Access
- DNS based entropy and forensic analysis on the PCs for learners in a university (情報通信マネジメント)
- DNS based entropy and forensic analysis on the PCs for learners in a university (インターネットと運用技術)
- Installation of security policy into Kumamoto University and DNS based detection of security incidents in the campus network (技術と社会・倫理)
- Installation of security policy into Kumamoto University and DNS based detection of security incidents in the campus network (インターネットアーキテクチャ)
- Installation of security policy into Kumamoto University and DNS based detection of security incidents in the campus network (インターネットと運用技術)
- Detection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks
- DNS ANY Request Cannon in Total Inbound ANY Resource Record DNS Query Request Packet Traffic
- DNS ANY Request Cannon in Total Inbound ANY Resource Record DNS Query Request Packet Traffic
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks