| Presentation | 2012/3/8 Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks Yasuo Musashi, Satoshi Dobayashi, Dennis Arturo Ludena Romana, Shinichiro Kubota, Kenichi Sugitani, |
|---|---|
| PDF Download Page | PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | We statistically investigated the total PTR resource record (RR) based DNS query request packet traffic from the Internet to the top domain DNS server in a university campus network through January 1st to December 31st, 2011. The obtained results are: (1) We found twelve host search (HS) attacks in the scores for detection method using the calculated Euclidean distances between the observed IP address and the last observed IP address in the DNS query keywords by employing both threshold ranges of 1.0-2.0 (consecutive) and 150.2-210.4 (random). However, we found nineteen HS attacks in the scores using the calculated cosine distance between the DNS query IP addresses (threshold ranges of 0.75-0.83 and 0.9-1.0). (3) In the newly found HS attacks, we observed that the source IP addresses of the HS attack DNS query packets are distributed Therefore, it can be concluded that the cosine distance based detection technology can detect the source IP address-distributed host search attack. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | |
| Paper # | Vol.2012-IOT-16 No.31 |
| Date of Issue |
| Conference Information | |
| Committee | IA |
|---|---|
| Conference Date | 2012/3/8(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Internet Architecture(IA) |
|---|---|
| Language | ENG |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Euclidian- and Cosine-Distances based Detection of Distributed Host Search Attacks |
| Sub Title (in English) | |
| Keyword(1) | |
| 1st Author's Name | Yasuo Musashi |
| 1st Author's Affiliation | Center for Multimedia and Information Technologies (CMIT), Kumamoto University() |
| 2nd Author's Name | Satoshi Dobayashi |
| 2nd Author's Affiliation | Department of Computer Science and Electrical Engineering, Faculty of Engineering, Kumamoto University |
| 3rd Author's Name | Dennis Arturo Ludena Romana |
| 3rd Author's Affiliation | Human Resource Center for Innovation, Kumamoto University |
| 4th Author's Name | Shinichiro Kubota |
| 4th Author's Affiliation | Center for Multimedia and Information Technologies (CMIT), Kumamoto University |
| 5th Author's Name | Kenichi Sugitani |
| 5th Author's Affiliation | Center for Multimedia and Information Technologies (CMIT), Kumamoto University |
| Date | 2012/3/8 |
| Paper # | Vol.2012-IOT-16 No.31 |
| Volume (vol) | vol.111 |
| Number (no) | 485 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |