Large scale DNS analysis

Authors:
Samuel Marchal;Thomas Engel
Affiliations:
SnT - University of Luxembourg, Luxembourg;SnT - University of Luxembourg, Luxembourg
Venue:
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Year:
2012

Citing 8
Cited 0

MapReduce: simplified data processing on large clusters

OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Context-aware clustering of DNS query traffic

Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Cassandra: structured storage system on a P2P network

Proceedings of the 28th ACM symposium on Principles of distributed computing
Hadoop: The Definitive Guide

Hadoop: The Definitive Guide
Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Data-Intensive Text Processing with MapReduce

Data-Intensive Text Processing with MapReduce
At the forge: Redis

Linux Journal
Building a dynamic reputation system for DNS

USENIX Security'10 Proceedings of the 19th USENIX conference on Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present an architecture for large scale DNS monitoring. The analysis of DNS traffic is becoming of first importance currently, as it allows to monitor the main part of the interactions on the Internet. DNS traffic can reveal anomalies such as worm infected hosts, botnets or spam participating hosts. The efficiency and the speed of detection of such anomalies rely on the capacity of DNS monitoring system to treat quickly huge quantity of data. We propose a system that leverages distributed processing and storage facilities.