Semantic Exploration of DNS
نویسندگان
چکیده
The DNS structure discloses useful information about the organization and the operation of an enterprise network, which can be used for designing attacks as well as monitoring domains supporting malicious activities. Thus, this paper introduces a new method for exploring the DNS domains. Although our previous work described a tool to generate existing DNS names accurately in order to probe a domain automatically, the approach is extended by leveraging semantic analysis of domain names. In particular, the semantic distributional similarity and relatedness of sub-domains are considered as well as sequential patterns. The evaluation shows that the discovery is highly improved while the overhead remains low, comparing with non semantic DNS probing tools including ours and others.
منابع مشابه
A Demonstration of DNS: a Semantic-Aware DNS Service
The Domain Name System (DNS) is a hierarchical and distributed database used to resolve domain names into IP addresses. The current Web infrastructure heavily relies on the DNS service to allow endusers to access Web pages and Web data using meaningful names (like “www.verisign.com”) rather than cryptic sequences of numbers (e.g., “69.58.181.89”). The main functionalities of the DNS have been s...
متن کاملConsolidated Review of On Measuring the Client-Side DNS Infrastructure
1. Strengths: The paper sketches the complexity of today's DNS infrastructure and shows a number of clever specific techniques to understand some aspects of DNS resolvers. The paper is written and presented well. It describes the complex infrastructure of DNS very well so that someone who is not keen on the system can also appreciate the paper. The reviewers also like the methodology to discove...
متن کاملDNS in Computer Forensics
The Domain Name Service (DNS) is a critical core component of the global Internet and integral to the majority of corporate intranets. It provides resolution services between the human-readable name-based system addresses and the machine operable Internet Protocol (IP) based addresses required for creating network level connections. Whilst structured as a globally dispersed resilient tree data ...
متن کاملDNS Usage Mining Based on Clustering Analysis of Co-occurrence Patterns: Methods and Applications
The principal goal of DNS usage mining is the discovery and analysis of patterns in the query behavior of DNS users. In this paper, we develop a unified framework for DNS usage mining based on Clustering analysis of cooccurrence data derived from DNS server query data. Through transforming the raw query data into co-occurrence matrix, some clustering approaches and probabilistic inferences can ...
متن کاملReverse Engineering of Network Software Binary Codes for Identification of Syntax and Semantics of Protocol Messages
Reverse engineering of network applications especially from the security point of view is of high importance and interest. Many network applications use proprietary protocols which specifications are not publicly available. Reverse engineering of such applications could provide us with vital information to understand their embedded unknown protocols. This could facilitate many tasks including d...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012