DNS-based network anomaly detection and eradicating scheme

Chang-Sheng Chen*, Shang Rung Wang, Ta Chung Liu

*此作品的通信作者

研究成果: Article同行評審

摘要

Nowadays, most Internet services are based on the working model that there will be some Domain Name System (DNS) [1] queries before the communication activities. Thus, for supporting DNS-based anomaly detection, the key problem is how to identify the clusters (sequences) of inappropriate DNS queries form the DNS traffic mixture that are directly generated or indirectly induced by internetworking hosts that are abnormal (i.e., including compromised and/or the original abusers). In this paper, we design and implement a DNS-based network anomalous detection and intrusion eradication scheme, combining the DNS-based anomaly detection and IEEE 802.1x-based authentication scheme for supporting the intrusion eradicating process.

原文English
頁(從 - 到)329-335
頁數7
期刊Journal of Internet Technology
8
發行號3
出版狀態Published - 1 7月 2007

指紋

深入研究「DNS-based network anomaly detection and eradicating scheme」主題。共同形成了獨特的指紋。

引用此