DNS ANY Request Cannon in Total Inbound ANY Resource Record DNS Query Request Packet Traffic
スポンサーリンク
概要
- 論文の詳細を見る
We statistically investigated the total ANY resource record (RR) based DNS query request packet traffic from the Internet to the top domain DNS server in a university campus network through January 1st, 2011 to December 31st, 2012. The obtained results are: (1) We found a significant increase in the inbound ANY RR based DNS query request traffic at November 28th, 2011. (2) In the DNS query request packet traffic, we observed only a query keyword of the campus domain name. (3) We found a correlation between the total inbound DNS query request packet traffic and the DNS query request packet traffic including the query keyword. (4) Also, we found that the source IP addresses were distributed in the ANY RR based DNS query request packet traffic. These results indicate that the ANY RR based DNS request packet traffic is strange. Therefore, we should pay much attention to the ANY RR based DNS query request traffic including the single domain name.
- 2013-03-07
著者
-
Musashi Yasuo
Center For Multimedia And Information Technologies (cmit) Kumamoto University
-
Kubota Shinichiro
Center For Multimedia And Information Technologies (cmit) Kumamoto University
-
Sugitani Kenichi
Center For Multimedia And Information Technologies (cmit) Kumamoto University
-
TAKEDA YUTO
Graduate School of Science and Technologies, Kumamoto University
関連論文
- Entropy study on A resource record DNS query traffic from the campus network (技術と社会・倫理)
- Entropy study on A resource record DNS query traffic from the campus network (インターネットアーキテクチャ)
- Entropy study on A resource record DNS query traffic from the campus network (インターネットと運用技術)
- Detection of NS resource record DNS resolution traffic, host search, and SSH dictionary attack activities (情報通信マネジメント)
- Threats of unusual DNS query traffic from NIS clients (分散システム/インターネット運用技術)
- Threats of unusual DNS query traffic from NIS clients (テレコミュニケーションマネジメント)
- Workaround for Welchia and Sasser Internet Worms in Kumamoto University
- Statistical Analysis in Log Files of Electronic-Mail Server and Domain Name System Server. SPAM Mail Generates Many DNS Query Packets
- Traffic Analysis on a Domain Name System Server. SMTP Access Generates Many Name-Resolving Packets to a Greater Extent than Does POP3 Access
- DNS based entropy and forensic analysis on the PCs for learners in a university (情報通信マネジメント)
- DNS based entropy and forensic analysis on the PCs for learners in a university (インターネットと運用技術)
- Installation of security policy into Kumamoto University and DNS based detection of security incidents in the campus network (技術と社会・倫理)
- Installation of security policy into Kumamoto University and DNS based detection of security incidents in the campus network (インターネットアーキテクチャ)
- Installation of security policy into Kumamoto University and DNS based detection of security incidents in the campus network (インターネットと運用技術)
- Detection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks
- DNS ANY Request Cannon in Total Inbound ANY Resource Record DNS Query Request Packet Traffic
- DNS ANY Request Cannon in Total Inbound ANY Resource Record DNS Query Request Packet Traffic
- Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks