Modeling DNS agility with DNSMap
INFOCOM Workshops(2013)
摘要
More and more Internet services are hosted by Content Distribution Networks or Cloud operators. Often, IP addresses are reused for several services, and the mapping between domain names and IPs has become highly agile. This complicates the analysis of monitoring data, as it is not clear anymore which IP address represents which service at which time. We propose a system that continuously monitors this activity using captured DNS packets in a large network. Thereby we are able to (i) understand the allocation strategies inside a hosting provider, and (ii) report significant changes that are not due the normal agility of a particular service. We evaluate our system using a 2-weeks data set from a large network operator, and demonstrate how it can be used to find malicious sites.
更多查看译文
关键词
IP addresses,network operator,DNS packets,internet services,Internet services,dnsmap,domain names,dns agility modeling,computer network security,DNSMap,resource allocation,DNS agility modeling,ip networks,internet,allocation strategies,content distribution networks,malicious sites,Web sites,ip addresses,large network operator,hosting provider,cloud computing,dns packets,cloud operators,security of data
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要