Results 1 - 10 of 103

Statistical Study of Unusual DNS Query Traffic

by Dennis Arturo, Yasuo Musashi, Hirofumi Nagatomi, Kenichi Sugitani
"... We statistically investigated on the unusual big DNS resolution traffic toward the top domain DNS server from a university local campus network in April 11th, 2006. The following results are obtained: (1) In April 11th, the DNS query traffic includes a lot of fully qualified domain names (FQDNs) of ..."
Abstract - Cited by 1 (0 self) - Add to MetaCart
We statistically investigated on the unusual big DNS resolution traffic toward the top domain DNS server from a university local campus network in April 11th, 2006. The following results are obtained: (1) In April 11th, the DNS query traffic includes a lot of fully qualified domain names (FQDNs

Statistical Study of Unusual DNS Query Traffic

by unknown authors
"... Abstract — We statistically investigated on the unusual big DNS resolution traffic toward the top domain DNS server from a university local campus network in April 11th, 2006. The following results are obtained: (1) In April 11th, the DNS query traffic includes a lot of fully qualified domain names ..."
Abstract - Add to MetaCart
Abstract — We statistically investigated on the unusual big DNS resolution traffic toward the top domain DNS server from a university local campus network in April 11th, 2006. The following results are obtained: (1) In April 11th, the DNS query traffic includes a lot of fully qualified domain names

Threats of Unusual DNS Query Traffic from NIS Clients

by Dennis A. Ludeña Romaña, Hirofumi Nagatomi, Yasuo Musashi, Kenichi Sugitani
"... Abstract We statistically investigated on unusual DNS query traffic from the several Linux PC servers employing network information system (NIS) as their authentication in the campus network of a university. The following re-sults are obtained: (1) The DNS query traffic includes specific keywords of ..."
Abstract - Add to MetaCart
Abstract We statistically investigated on unusual DNS query traffic from the several Linux PC servers employing network information system (NIS) as their authentication in the campus network of a university. The following re-sults are obtained: (1) The DNS query traffic includes specific keywords

Analysis of IPv6 Based DNS Query Traffic

by Ipv Ipv, Hirofumi Nagatomi, Dennis Artona
"... Abstract: We investigated statistically on the IPv6 source IP address-based DNS query traffic a university campus network through January 1st to December 31st, 2005. The results are summarized, as follows: (1) Several security incidents in the IPv6-based DNS query traffic can be observed in or synch ..."
Abstract - Add to MetaCart
Abstract: We investigated statistically on the IPv6 source IP address-based DNS query traffic a university campus network through January 1st to December 31st, 2005. The results are summarized, as follows: (1) Several security incidents in the IPv6-based DNS query traffic can be observed

Entropy Study on MX Resource Record-Based DNS Query Packet Traffic

by Dennis Arturo, Yasuo Musashi, Kenichi Sugitani
"... in the MX resource record (RR) type DNS query packet traffic between the top domain DNS server and the DNS clients in a university through January 1st, 2004 to July 31st, 2007. The interesting results are summarized, as follows: (1) The source IP addresses- and query keywords-based entropies change ..."
Abstract - Add to MetaCart
in the MX resource record (RR) type DNS query packet traffic between the top domain DNS server and the DNS clients in a university through January 1st, 2004 to July 31st, 2007. The interesting results are summarized, as follows: (1) The source IP addresses- and query keywords-based entropies change

Status of this Memo Negative Caching of DNS Queries (DNS NCACHE)

by M. Andrews , 1034
"... This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards " (STD 1) for the standardization state and status of this pro ..."
Abstract - Add to MetaCart
] or domain name. Negative caching is useful as it reduces the response time for negative answers. It also reduces the number of messages that have to be sent between resolvers and name servers hence overall network traffic. A large proportion of DNS traffic on the Internet could be eliminated if all

Boost DNS Privacy, Reliability, and Efficiency with opDNS Safe Query Elimination

by Marcel Waldvogel, Thomas Zink, Dane Among Others
"... fortify the Domain Name System as the central information hub behind the Internet. Largely hidden from the end user, an increasing number of protocol and trust decisions are contingent on DNS. Neglect or attacks on DNS have much more impact today than ever, now endangering security far beyond denial ..."
Abstract - Add to MetaCart
denial of service. Opportunistic Persistent DNS (opDNS) addresses these problems by abandoning pessimistic caching and eliminating unnecessary traffic. Today’s DNS infrastructure relies on the hosts forgetting and refreshing DNS records in relatively short time. In conjunction with TLS, opDNS greatly

DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic

by unknown authors
"... Abstract—In this paper, we present an analysis of a new class of domain names: disposable domains. We observe that popular web applications, along with other Internet services, systematically use this new class of domain names. Disposable domains are likely generated automatically, characterized by ..."
Abstract - Add to MetaCart
by a “one-time use ” pattern, and appear to be used as a way of “sig-naling ” via DNS queries. To shed light on the pervasiveness of disposable domains, we study 24 days of live DNS traffic span-ning a year observed at a large Internet Service Provider. We find that disposable domains increased from 23

Detection of NS Resource Record DNS Resolution Traffic, Host Search, and SSH Dictionary Attack Activities

by Kazuya Takemori , Dennis Arturo , Ludeña Romaña , Shinichiro Kubota , Kenichi Sugitani , Yasuo Musashi
"... Abstract: We carried out an entropy study on the DNS query traffic from the Internet to the top domain DNS server in a university campus network through January 1st to March 31st, 2009. The obtained results are: (1) We observed a difference for the entropy changes among the total-, the A-, and the ..."
Abstract - Add to MetaCart
these results,we can detect the unusual inbound NS RR based DNS traffic and the outbound SSH dictionary attacks by only watching DNS query traffic from the Internet.

Characterizing dark dns behavior

by Jon Oberheide, Manish Karir, Z. Morley Mao - In Fourth GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA ’07 , 2007
"... Abstract. Security researchers and network operators increasingly rely on information gathered from honeypots and sensors deployed on darknets, or unused address space, for attack detection. While the attack traffic gleaned from such deployments has been thoroughly scrutinized, little attention has ..."
Abstract - Cited by 5 (0 self) - Add to MetaCart
been paid to DNS queries targeting these addresses. In this paper, we introduce the concept of dark DNS, the DNS queries associated with darknet addresses, and characterize the data collected from a large operational network by our dark DNS sensor. We discuss the implications of sensor evasion via DNS
Results 1 - 10 of 103