Další formáty:
BibTeX
LaTeX
RIS
@inproceedings{16889, author = {Čermák, Milan and Čeleda, Pavel and Vykopal, Jan}, address = {Heidelberg}, booktitle = {Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846}, keywords = {domain name system; DNS; IP flow monitoring; IPFIX; traffic anomaly detection; internet measurements}, howpublished = {tištěná verze "print"}, language = {eng}, location = {Heidelberg}, isbn = {978-3-319-13487-1}, pages = {215-226}, publisher = {Springer International Publishing}, title = {Detection of DNS Traffic Anomalies in Large Networks}, url = {http://dx.doi.org/10.1007/978-3-319-13488-8_20}, year = {2014} }
TY - JOUR ID - 16889 AU - Čermák, Milan - Čeleda, Pavel - Vykopal, Jan PY - 2014 TI - Detection of DNS Traffic Anomalies in Large Networks PB - Springer International Publishing CY - Heidelberg SN - 9783319134871 KW - domain name system KW - DNS KW - IP flow monitoring KW - IPFIX KW - traffic anomaly detection KW - internet measurements UR - http://dx.doi.org/10.1007/978-3-319-13488-8_20 N2 - Almost every Internet communication is preceded by a translation of a DNS name to an IP address. Therefore monitoring of DNS traffic can effectively extend capabilities of current methods for network traffic anomaly detection. In order to effectively monitor this traffic, we propose a new flow metering algorithm that saves resources of a flow exporter. Next, to show benefits of the DNS traffic monitoring for anomaly detection, we introduce novel detection methods using DNS extended flows. The evaluation of these methods shows that our approach not only reveals DNS anomalies but also scales well in a campus network. ER -
ČERMÁK, Milan, Pavel ČELEDA a Jan VYKOPAL. Detection of DNS Traffic Anomalies in Large Networks. In \textit{Advances in Communication Networking, Lecture Notes in Computer Science, Vol. 8846}. Heidelberg: Springer International Publishing, 2014, s.~215-226. ISBN~978-3-319-13487-1.
|