IFIP International Conference on Autonomous Infrastructure, Management and Security

AIMS 2012: Dependable Networks and Services, pp 151–154

Large Scale DNS Analysis

  • Samuel Marchal &
  • Thomas Engel

Part of the Lecture Notes in Computer Science book series (LNCCN, volume 7279)

Abstract

In this paper we present an architecture for large-scale DNS monitoring. The analysis of DNS traffic is becoming increasingly important, as it makes it possible to monitor the main part of the interactions on the Internet. DNS traffic can reveal anomalies such as worm-infected hosts, botnets, or hosts participating in spam. The efficiency and speed of detecting such anomalies rely on the capacity of a DNS monitoring system to process huge quantities of data quickly. We propose a system that leverages distributed processing and storage facilities.

Keywords

  • Security monitoring
  • DNS data
  • storage facilities

Author information

Authors and Affiliations

  1. SnT - University of Luxembourg, Luxembourg

    Samuel Marchal & Thomas Engel

Editor information

Editors and Affiliations

  1. Faculty of Electrical Engineering, Mathematics, and Computer Science, University of Twente, P.O. Box 217, 7500 AE, Enschede, The Netherlands

    Ramin Sadre

  2. Institute of Computer Science, Masaryk University, Botanická 68a, 602 00, Brno, Czech Republic

    Jiří Novotný & Pavel Čeleda

  3. Institut für Informatik (IFI), Universität Zürich, Binzmühlestraße 14, 8050, Zürich, Switzerland

    Martin Waldburger

  4. Institut für Informatik (IFI), Universität Zürich, Binzmühlestrasse 14, 8050, Zürich, Switzerland

    Burkhard Stiller

Copyright information

© 2012 IFIP International Federation for Information Processing

About this paper

Cite this paper

Marchal, S., Engel, T. (2012). Large Scale DNS Analysis. In: Sadre, R., Novotný, J., Čeleda, P., Waldburger, M., Stiller, B. (eds) Dependable Networks and Services. AIMS 2012. Lecture Notes in Computer Science, vol 7279. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30633-4_20

  • DOI: https://doi.org/10.1007/978-3-642-30633-4_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30632-7

  • Online ISBN: 978-3-642-30633-4

  • eBook Packages: Computer Science (R0)
