Detection of NS Resource Record DNS Resolution Traffic, Host Search, and SSH Dictionary Attack Activities

Authors: Kazuya Takemori, Dennis Romana, Shinichiro Kubota, Kenichi Sugitani

DOI: 10.22266/IJIES2009.1231.05

Abstract: We carried out an entropy study on the DNS query traffic from Internet to top domain server in a university campus network through January 1st March 31st, 2009. The obtained results are: (1) observed difference for changes among total-, A-, and PTR resource records (RRs) based 17th February 1st, (2) found large NS RR including only keyword "." total inbound traffic. (3) also that unique source IP address slightly increased, while keywords one drastically decreased 9th, specific host which was already-hijacked classical Linux PC SSH dictionary attack sites From these results, we can detect unusual outbound attacks by watching Internet.

References (9)
Yasuo Musashi, Dennis A. Ludena Romana, Hirofumi Nagatomi. "A DNS-based countermeasure technology for bot worm-infected PC terminals in the campus network." Journal for Academic Computing and Networking, vol. 10, pp. 39-46 (2006). DOI: 10.24669/JACN.10.1_39
Arno Wagner, Bernhard Plattner. "Entropy Based Worm and Anomaly Detection in Fast IP Networks." 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05), pp. 172-177 (2005). DOI: 10.1109/WETICE.2005.35
Dennis Arturo Ludeña Romaña, Shinichiro Kubota, Kenichi Sugitani, Yasuo Musashi. "DNS Based Spam Bots Detection in a University." International Conference on Intelligent Networks and Intelligent Systems, pp. 205-208 (2008). DOI: 10.1109/ICINIS.2008.54
J. Lane Thames, Randal Abler, David Keeling. "A distributed active response architecture for preventing SSH dictionary attacks." SoutheastCon, pp. 84-89 (2008). DOI: 10.1109/SECON.2008.4494264
B. McCarty. "Botnets: big and bigger." IEEE Symposium on Security and Privacy, vol. 1, pp. 87-90 (2003). DOI: 10.1109/MSECP.2003.1219079
DA Ludeña Romaña, Shinichiro Kubota, Kenichi Sugitani, Yasuo Musashi. "Entropy Study on A and PTR Resource Record-Based DNS Query Traffic." IPSJ Symposium Series, vol. 2008, pp. 55-61 (2008).
Dennis Romaña, Kenichi Sugitani, Yasuo Musashi. "DNS based Security Incidents Detection in Campus Network." International Journal of Intelligent Engineering and Systems, vol. 1, pp. 17-21 (2008). DOI: 10.22266/IJIES2008.0331.03
Dennis Romaña, Shinichiro Kubota, Kenichi Sugitani, Yasuo Musashi. "DNS based spam bots detection in a university." International Journal of Intelligent Engineering and Systems, vol. 2, pp. 11-18 (2009). DOI: 10.22266/IJIES2009.0930.02