{"updated":"2025-01-20T03:36:09.512152+00:00","links":{},"id":183605,"created":"2025-01-19T00:51:06.890927+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00183605","sets":["581:8997:9007"]},"path":["9007"],"owner":"11","recid":"183605","title":["Detection and Filtering System for DNS Water Torture Attacks Relying Only on Domain Name Information "],"pubdate":{"attribute_name":"公開日","attribute_value":"2017-09-15"},"_buckets":{"deposit":"85e34fc2-e09a-4697-a8cd-ebc667de2677"},"_deposit":{"id":"183605","pid":{"type":"depid","value":"183605","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"Detection and Filtering System for DNS Water Torture Attacks Relying Only on Domain Name Information ","author_link":["403488","403484","403492","403494","403485","403493","403491","403490","403495","403486","403489","403487"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Detection and Filtering System for DNS Water Torture Attacks Relying Only on Domain Name Information "},{"subitem_title":"Detection and Filtering System for DNS Water Torture Attacks Relying Only on Domain Name Information ","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[特集：高度化するサイバー攻撃に対応するコンピュータセキュリティ技術] DNS, DDoS, IPS, water torture attacks, pseudo-random subdomain attacks, naïve Bayes classifier","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2017-09-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Engineering, Toyohashi University of Technology"},{"subitem_text_value":"Faculty of Engineering, Toyohashi University of Technology"},{"subitem_text_value":"Faculty of Informatics, Kogakuin University"},{"subitem_text_value":"Department of Information Security, University of Nagasaki"},{"subitem_text_value":"Japan Network Information Center"},{"subitem_text_value":"Comworth Co., Ltd."}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Engineering, Toyohashi University of Technology","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Engineering, Toyohashi University of Technology","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Informatics, Kogakuin University","subitem_text_language":"en"},{"subitem_text_value":"Department of Information Security, University of Nagasaki","subitem_text_language":"en"},{"subitem_text_value":"Japan Network Information Center","subitem_text_language":"en"},{"subitem_text_value":"Comworth Co., Ltd.","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/183605/files/IPSJ-JNL5809007.pdf","label":"IPSJ-JNL5809007.pdf"},"date":[{"dateType":"Available","dateValue":"2019-09-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL5809007.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"5"},{"tax":["include_tax"],"price":"0","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"d03461ee-d1be-436a-b106-a7677692025b","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2017 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Takuro, Yoshida"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kento, Kawakami"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ryotaro, Kobayashi"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masahiko, Kato"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masayuki, Okada"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroyuki, Kishimoto"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Takuro, Yoshida","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kento, Kawakami","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ryotaro, Kobayashi","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masahiko, Kato","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masayuki, Okada","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroyuki, Kishimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Water torture attacks are a recently emerging type of Distributed Denial-of-Service (DDoS) attack on Domain Name System (DNS) servers. They generate a multitude of malicious queries with randomized, unique subdomains. This paper proposes a detection method and a filtering system for water torture attacks. The former is an enhancement of our previous effort so as to achieve packet-by-packet, on-the-fly processing, and the latter is an application of our current method mainly for defending recursive servers. Our proposed method detects malicious queries by analyzing their subdomains with a naïve Bayes classifier. Considering large-scale applications, we focus on achieving high throughput as well as high accuracy. Experimental results indicate that our method can detect attacks with 98.16% accuracy and only a 1.55% false positive rate, and that our system can process up to 7.44Mpps of traffic.\n------------------------------\nThis is a preprint of an article intended for publication Journal of\nInformation Processing(JIP). This preprint should not be cited. This\narticle should be cited as: Journal of Information Processing Vol.25(2017) (online)\nDOI　http://dx.doi.org/10.2197/ipsjjip.25.854\n------------------------------","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Water torture attacks are a recently emerging type of Distributed Denial-of-Service (DDoS) attack on Domain Name System (DNS) servers. They generate a multitude of malicious queries with randomized, unique subdomains. This paper proposes a detection method and a filtering system for water torture attacks. The former is an enhancement of our previous effort so as to achieve packet-by-packet, on-the-fly processing, and the latter is an application of our current method mainly for defending recursive servers. Our proposed method detects malicious queries by analyzing their subdomains with a naïve Bayes classifier. Considering large-scale applications, we focus on achieving high throughput as well as high accuracy. Experimental results indicate that our method can detect attacks with 98.16% accuracy and only a 1.55% false positive rate, and that our system can process up to 7.44Mpps of traffic.\n------------------------------\nThis is a preprint of an article intended for publication Journal of\nInformation Processing(JIP). This preprint should not be cited. This\narticle should be cited as: Journal of Information Processing Vol.25(2017) (online)\nDOI　http://dx.doi.org/10.2197/ipsjjip.25.854\n------------------------------","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicIssueDates":{"bibliographicIssueDate":"2017-09-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"9","bibliographicVolumeNumber":"58"}]},"relation_version_is_last":true,"weko_creator_id":"11"}}