Inhalt des Dokuments
Es gibt keine deutsche Übersetzung dieser Webseite.
| Zitatschlüssel | C-MMWDMSAD-07 |
|---|---|
| Autor | Chatzis, Nikolaos |
| Buchtitel | Proceedings of the International Symposium on Autonomous Decentralized Systems (ISADS '07) |
| Seiten | 279–286 |
| Jahr | 2007 |
| DOI | http://dx.doi.org/10.1109/ISADS.2007.46 |
| Adresse | New York, NY, USA |
| Verlag | IEEE |
| Zusammenfassung | The domain name system (DNS) is a critical infrastructural component of Internet, since it constitutes the essential first link in the entire chain of Internet connectivity. Enriching DNS functionality with in-network decision making capabilities can enable DNS to protect effectively both itself and the Internet, minimizing simultaneously human intervention. Decision making builds on the concept of situation awareness i.e. the ability of the name servers to infer a behavioural model of each host sending queries to them. We present a method for automatic behaviour classification on the name servers to detect mass mailing worm activity. Our method is based on applying spatial data mining in combination with the wavelet transform on DNS queries. We present the experimental results collected after applying our method on real DNS traffic captured at the name servers of a corporate network, which serves daily 400-500 users |
Zurück [3]
ikolaos/parameter/de/font2/minhilfe/
ations/by_author/alumni_publ/nikolaos_publ/parameter/de
/font2/minhilfe/?no_cache=1&tx_sibibtex_pi1%5Bdownl
oad_bibtex_uid%5D=225470&tx_sibibtex_pi1%5Bcontente
lement%5D=tt_content%3A372722
ations/by_author/alumni_publ/nikolaos_publ/parameter/de
/font2/minhilfe/
Zusatzinformationen / Extras
Direktzugang:
Schnellnavigation zur Seite über Nummerneingabe
Hilfsfunktionen
Copyright TU Berlin 2008