Informační systém Repo
ČERMÁK, Milan. DNSAnomDet. 2014.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name DNSAnomDet
Authors ČERMÁK, Milan.
Edition 2014.
Other information
Original language English
Type of outcome Software
Field of Study Informatics
Country of publisher Czech Republic
Confidentiality degree is not subject to a state or trade secret
Organization Ústav výpočetní techniky – Repository – Repository
Keywords in English DNS; anomaly; detection; amplification attack; cybersquatting; open resolver; malware domains; tunneling
Technical parameters Odpovědná osoba: Milan Čermák, Masarykova univerzita, Ústav výpočetní techniky, Botanická 68a, 602 00 Brno, tel.: +420 549 49 7140, e-mail: cermak@ics.muni.cz.
Changed by Changed by: RNDr. Daniel Jakubík, učo 139797. Changed: 1/9/2020 17:44.
Abstract
DNSAnomDet is a suite of scripts that automate detection of DNS traffic anomalies, using IP flows in the IPFIX format extended by information from DNS packets. Scripts focus on detection of cybersquatting, DNS amplification attacks, open DNS resolvers, malware domain queries, and DNS tunneling detection.
Displayed: 20/4/2024 05:47