WEKO3
Item
Detection and Filtering System for DNS Water Torture Attacks Relying Only on Domain Name Information
https://ipsj.ixsq.nii.ac.jp/records/183605
Name / File | License | Action |
---|---|---|
Copyright (c) 2017 by the Information Processing Society of Japan |
Open access |
Item type | Journal(1) |
---|---|
Publication date | 2017-09-15 |
Title | Detection and Filtering System for DNS Water Torture Attacks Relying Only on Domain Name Information |
Title language | en |
Language | eng |
Subject scheme | Other |
Keywords | [Special Issue: Computer Security Technologies for Responding to Increasingly Sophisticated Cyber Attacks] DNS, DDoS, IPS, water torture attacks, pseudo-random subdomain attacks, naïve Bayes classifier |
Resource type identifier | http://purl.org/coar/resource_type/c_6501 |
Resource type | journal article |
Author affiliation | Graduate School of Engineering, Toyohashi University of Technology |
Author affiliation | Faculty of Engineering, Toyohashi University of Technology |
Author affiliation | Faculty of Informatics, Kogakuin University |
Author affiliation | Department of Information Security, University of Nagasaki |
Author affiliation | Japan Network Information Center |
Author affiliation | Comworth Co., Ltd. |
Authors | Takuro, Yoshida; Kento, Kawakami; Ryotaro, Kobayashi; Masahiko, Kato; Masayuki, Okada; Hiroyuki, Kishimoto |
Abstract | |
Description type | Other |
Description | Water torture attacks are a recently emerging type of Distributed Denial-of-Service (DDoS) attack on Domain Name System (DNS) servers. They generate a multitude of malicious queries with randomized, unique subdomains. This paper proposes a detection method and a filtering system for water torture attacks. The former is an enhancement of our previous effort so as to achieve packet-by-packet, on-the-fly processing, and the latter is an application of our current method mainly for defending recursive servers. Our proposed method detects malicious queries by analyzing their subdomains with a naïve Bayes classifier. Considering large-scale applications, we focus on achieving high throughput as well as high accuracy. Experimental results indicate that our method can detect attacks with 98.16% accuracy and only a 1.55% false positive rate, and that our system can process up to 7.44 Mpps of traffic. ------------------------------ This is a preprint of an article intended for publication in the Journal of Information Processing (JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.25(2017) (online) DOI http://dx.doi.org/10.2197/ipsjjip.25.854 ------------------------------ |
Bibliographic record ID | |
Source identifier type | NCID |
Source identifier | AN00116647 |
Bibliographic information | 情報処理学会論文誌, Vol. 58, No. 9, issue date 2017-09-15 |
ISSN | |
Source identifier type | ISSN |
Source identifier | 1882-7764 |