Lean On Me: Mining Internet Service Dependencies From Large-Scale DNS Data
作者: Matteo Dell'Amico , Leyla Bilge , Ashwin Kayyoor , Petros Efstathopoulos , Pierre-Antoine Vervier
关键词: Power graph analysis 、 The Internet 、 Computer science 、 Cascading failure 、 Data science 、 Dependency graph 、 Service provider 、 Service (business) 、 Cloud computing 、 Denial-of-service attack
摘要: Most websites, services, and applications have come to rely on Internet services (e.g., DNS, CDN, email, WWW, etc.) offered by third parties. Although employing such generally improves reliability cost-effectiveness, it also creates dependencies service providers, which may expose websites additional risks, as DDoS attacks or cascading failures. As cloud are becoming more popular, an increasing percentage of the overall ecosystem relies a decreasing number highly popular services. In our general effort assess security risk for given entity, motivated effects recent disruptions, we perform large-scale analysis passive active DNS datasets including than 2.5 trillion queries in order discover between this paper, present findings dataset analysis, attempt important insights about dependencies. To further understand nature dependencies, graph-theoretic dependency graph propose support power, novel power measure that can quantify amount dependence other particular service. Our reveal current is dominated handful providers---with Amazon being leader, far---whose popularity steadily increasing. These supported results, reveals set less-popular many (regional) depend on.
acm.org
sci-hub.se 参考文章(31)
Felix C. Freiling, Konrad Rieck, Christian Gorecki, Thorsten Holz, Measuring and Detecting Fast-Flux Service Networks network and distributed system security symposium. ,(2008)
Roberto Perdisci, David Dagon, Manos Antonakakis, Nick Feamster, Wenke Lee, Building a dynamic reputation system for DNS usenix security symposium. pp. 18- 18 ,(2010)
Mark Felegyhazi, Vern Paxson, Christian Kreibich, On the potential of proactive domain blacklisting usenix conference on large scale exploits and emergent threats. pp. 6- 6 ,(2010)
Leyla Bilge, Engin Kirda, Christopher Kruegel, Marco Balduzzi, EXPOSURE : Finding malicious domains using passive DNS analysis network and distributed system security symposium. ,(2011)
Igor Mishkovski, Mario Biey, Ljupco Kocarev, Vulnerability of complex networks Communications in Nonlinear Science and Numerical Simulation. ,vol. 16, pp. 341- 349 ,(2011) , 10.1016/J.CNSNS.2010.03.018
Kazumi Saito, Masahiro Kimura, Kouzou Ohara, Hiroshi Motoda, Super mediator - A new centrality measure of node importance for information diffusion over social network Information Sciences. ,vol. 329, pp. 985- 1000 ,(2016) , 10.1016/J.INS.2015.03.034
Beichuan Zhang, Raymond Liu, Daniel Massey, Lixia Zhang, Collecting the internet AS-level topology acm special interest group on data communication. ,vol. 35, pp. 53- 61 ,(2005) , 10.1145/1052812.1052825
Aaron Clauset, Cosma Rohilla Shalizi, M. E. J. Newman, Power-Law Distributions in Empirical Data Siam Review. ,vol. 51, pp. 661- 703 ,(2009) , 10.1137/070710111
Roland van Rijswijk-Deij, Mattijs Jonker, Anna Sperotto, Aiko Pras, The Internet of Names: A DNS Big Dataset acm special interest group on data communication. ,vol. 45, pp. 91- 92 ,(2015) , 10.1145/2785956.2789996
Marián Boguñá, Romualdo Pastor-Satorras, Alessandro Vespignani, Absence of epidemic threshold in scale-free networks with degree correlations. Physical Review Letters. ,vol. 90, pp. 028701- ,(2003) , 10.1103/PHYSREVLETT.90.028701