Presentation | 2013/7/11 Observing Malicious Activities with DNS Honeypot DAISUKE MAKITA, KATSUNARI YOSHIOKA, TSUTOMU MATSUMOTO, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Domain Name System (DNS) plays an important role to map domain names to their information such as IP addresses on the Internet. Meantime, DNS is also abused for malicious activities. Especially, DNS cache servers which allow recursive queries from anywhere on the Internet (Open Resolver) are abused as steppingstones for DNS amplification attacks, a type of DDoS attacks. In this paper, we propose a method for observing malicious activities that abuse DNS servers. In this method, we prepare several monitoring points on the Internet, run a dummy DNS server as a honeypot at each point, observe and analyze malicious activities from their traffic. As a result of long-term evaluation experiment in ISP networks, we confirm that out method can observe a series of suspicious activities that appear to be related to DNS amplification attacks. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | |
Paper # | Vol.2013-CSEC-62 No.54,Vol.2013-SPT-6 No.54 |
Date of Issue |
Conference Information | |
Committee | SITE |
---|---|
Conference Date | 2013/7/11(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Social Implications of Technology and Information Ethics (SITE) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Observing Malicious Activities with DNS Honeypot |
Sub Title (in English) | |
Keyword(1) | |
1st Author's Name | DAISUKE MAKITA |
1st Author's Affiliation | Yokohama National University() |
2nd Author's Name | KATSUNARI YOSHIOKA |
2nd Author's Affiliation | Yokohama National University |
3rd Author's Name | TSUTOMU MATSUMOTO |
3rd Author's Affiliation | Yokohama National University |
Date | 2013/7/11 |
Paper # | Vol.2013-CSEC-62 No.54,Vol.2013-SPT-6 No.54 |
Volume (vol) | vol.113 |
Number (no) | 136 |
Page | pp.pp.- |
#Pages | 8 |
Date of Issue |