Tesi etd-01182017-122017 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
VANNI, CLAUDIO
URN
etd-01182017-122017
Titolo
Detection and classification of anomalies in DNS traffic
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
INGEGNERIA DELLE TELECOMUNICAZIONI
Relatori
relatore Pagano, Michele
relatore Giordano, Stefano
relatore Callegari, Christian
relatore Giordano, Stefano
relatore Callegari, Christian
Parole chiave
- histogram analysis
- cluster analysis
- tld
- country code top level domain
- top level domain
Data inizio appello
23/02/2017
Consultabilità
Completa
Riassunto
DNS provides a critical function in the Internet infrastructure. Since it is relied on by many Internet applications, security has become a crucial problem in the DNS. Traditional rule-based intrusion detection methods are not able to update the rules dynamically.
In this work, cluster and histogram analyses are employed to detect possible anomalies in DNS query traffic. The proposed methods are used to reveal unusual patterns in a real-word DNS log dataset captured at a country code top level domain server.
Experimental results on such log dataset are achieved and compared performing the proposed algorithms on different query parameters and with different time-bin sizes.
In this work, cluster and histogram analyses are employed to detect possible anomalies in DNS query traffic. The proposed methods are used to reveal unusual patterns in a real-word DNS log dataset captured at a country code top level domain server.
Experimental results on such log dataset are achieved and compared performing the proposed algorithms on different query parameters and with different time-bin sizes.
File
| Nome file | Dimensione |
|---|---|
| thesis.pdf | 1.17 Mb |
Contatta l’autore |
|