Presentation | 2011/5/5 Detection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic Yasuo Musashi, Kazuya Takemori, Shinichiro Kubota, Kenichi Sugitani, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | We statistically investigated the total A resource record (RR) based DNS query request packet traffic from the Internet to the top domain DNS server in a university campus network through January 1st to December 21st, 2010. The obtained results are: (1) We found five DNS Cache Poisoning (DNSCP) attacks in observation of rapid decrease in the unique source IP address based entropy of the DNS query packet traffic and significant increase in the unique DNS query keyword based one. (2) Also, we found five DNSCP attacks in the score changes for detection method using the calculated restricted Damerau-Levenshtein distance (restricted edit distance) between the observed query keyword and the last one by employing both threshold ranges through 1 to 40. Therefore, it is possible that the restricted Damerau-Levenshtein distance based detection technology can detect the DNSCP attacks. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | |
Paper # | Vol. 2011-CSEC-53 No.1,Vol. 2011-IOT-13 No.1 |
Date of Issue |
Conference Information | |
Committee | ICM |
---|---|
Conference Date | 2011/5/5(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information and Communication Management(ICM) |
---|---|
Language | ENG |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Detection of DNS Cache Poisoning Attack in DNS Standard Resolution Traffic |
Sub Title (in English) | |
Keyword(1) | |
1st Author's Name | Yasuo Musashi |
1st Author's Affiliation | Center for Multimedia and Information Technologies (CMIT), Kumamoto University() |
2nd Author's Name | Kazuya Takemori |
2nd Author's Affiliation | NRI Secure Technologies, Ltd. |
3rd Author's Name | Shinichiro Kubota |
3rd Author's Affiliation | Center for Multimedia and Information Technologies (CMIT), Kumamoto University |
4th Author's Name | Kenichi Sugitani |
4th Author's Affiliation | Center for Multimedia and Information Technologies (CMIT), Kumamoto University |
Date | 2011/5/5 |
Paper # | Vol. 2011-CSEC-53 No.1,Vol. 2011-IOT-13 No.1 |
Volume (vol) | vol.111 |
Number (no) | 30 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |