当前位置: X-MOL 学术IEEE Trans. Netw. Serv. Manag. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Detecting Anomalies at a TLD Name Server Based on DNS Traffic Predictions
IEEE Transactions on Network and Service Management ( IF 4.7 ) Pub Date : 2021-01-13 , DOI: 10.1109/tnsm.2021.3051195
Diego Madariaga , Javier Madariaga , Martin Panza , Javier Bustos-Jimenez , Benjamin Bustos

The Domain Name System (DNS) is a critical component of Internet infrastructure, as almost every activity on the Internet starts with a DNS query. Given its importance, there is increasing concern over its vulnerability to attacks and failures, as they can negatively affect all Internet-based resources. Thus, detecting these events is crucial to preserve the correct functioning of all DNS components, such as high-volume name servers for top-level domains (TLD). This article presents a near real-time Anomaly Detection Based on Prediction (AD-BoP) method, providing a useful and easily explainable methodology to effectively detect DNS anomalies. AD-BoP is based on the prediction of expected DNS traffic statistics, and could be especially helpful for TLD registry operators to preserve their services' reliability. After an exhaustive analysis, AD-BoP is shown to improve the current state-of-the-art for anomaly detection in authoritative TLD name servers.

中文翻译:


基于 DNS 流量预测检测 TLD 名称服务器的异常



域名系统 (DNS) 是互联网基础设施的重要组成部分,因为互联网上的几乎所有活动都始于 DNS 查询。鉴于其重要性,人们越来越担心它容易受到攻击和故障的影响,因为它们会对所有基于互联网的资源产生负面影响。因此,检测这些事件对于保持所有 DNS 组件(例如顶级域 (TLD) 的大容量名称服务器)的正确运行至关重要。本文提出了一种基于预测的近实时异常检测 (AD-BoP) 方法,提供了一种有用且易于解释的方法来有效检测 DNS 异常。 AD-BoP 基于预期 DNS 流量统计数据的预测,对于 TLD 注册管理机构运营商保持其服务的可靠性特别有帮助。经过详尽的分析,AD-BoP 被证明可以改进权威 TLD 域名服务器中当前最先进的异常检测技术。
更新日期:2021-01-13
down
wechat
bug