Open Access
Subscription Access
DNS-based Network Anomaly Detection and Eradicating Scheme
Abstract
Nowadays, most Internet services are based on the working model that there will be some Domain Name System (DNS) [1] queries before the communication activities. Thus, for supporting DNS-based anomaly detection, the key problem is how to identify the clusters (sequences) of inappropriate DNS queries form the DNS traffic mixture that are directly generated or indirectly induced by internetworking hosts that are abnormal (i.e., including compromised and/or the original abusers). In this paper, we design and implement a DNS-based network anomalous detection and intrusion eradication scheme, combining the DNS-based anomaly detection and IEEE 802.1x-based authentication scheme for supporting the intrusion eradicating process.
Keywords
DNS; IEEE 802.1x; intrusion detection; intrusion eradication
Citation Format:
Chang-Shang Chen, Shang-Rung Wang, Ta-Chung Liu, "DNS-based Network Anomaly Detection and Eradicating Scheme," Journal of Internet Technology, vol. 8, no. 3 , pp. 329-335, Jul. 2007.
Chang-Shang Chen, Shang-Rung Wang, Ta-Chung Liu, "DNS-based Network Anomaly Detection and Eradicating Scheme," Journal of Internet Technology, vol. 8, no. 3 , pp. 329-335, Jul. 2007.
Refbacks
- There are currently no refbacks.
Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314 E-mail: jit.editorial@gmail.com