| Presentation | 2009-07-09 Anomalous Traffic Observed in DNS Keisuke ISHIBASHI, Tsuyoshi TOYONO, Kazumichi SATOH, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | DNS is one onf the most critical infrastructure of the Internet, and used for most of Internet applications. On the other hand, because it used UDP for transport protocol, it is rather easy to spoof the source IP address. Based on these factors, It is frequently appeared attacks to DNS or attacks using DNS mechanism. In this paper, we review anomalous traffic observed in DNS traffic and studies on those attacks. In addition, it is reported that DNS traffic is dominated bogus queries that are not attacks but uncecessary increase the load of traffic. We show some statistics on those bogus queries. Those anomalous traffic is harmful for DNS servers. In addition, we also review studies on detecting anomalous traffic that is not harmful effect on DNS servers, but harmful other Internet host and can be detected in DNS traffic. We also introduce our results on these topics. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | DNS / cache poisoning attack / amplifier attack heavy user / botnet |
| Paper # | IN2009-28 |
| Date of Issue |
| Conference Information | |
| Committee | IN |
|---|---|
| Conference Date | 2009/7/2(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Networks (IN) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Anomalous Traffic Observed in DNS |
| Sub Title (in English) | |
| Keyword(1) | DNS |
| Keyword(2) | cache poisoning attack |
| Keyword(3) | amplifier attack heavy user |
| Keyword(4) | botnet |
| 1st Author's Name | Keisuke ISHIBASHI |
| 1st Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation() |
| 2nd Author's Name | Tsuyoshi TOYONO |
| 2nd Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 3rd Author's Name | Kazumichi SATOH |
| 3rd Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| Date | 2009-07-09 |
| Paper # | IN2009-28 |
| Volume (vol) | vol.109 |
| Number (no) | 119 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |