Analyzing the dynamics behaviour of fast-flux domain name system through visualization /
As attempts to thwart cyber crime have intensified, so have innovations in how cybercriminals' provision their infrastructure to dodge detection and take-down. Today, a growing, sophisticated technique called Fast-Flux Service Networks (FFSN) poses a major problem to Internet security. They are...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
Kuala Lumpur :
Kulliyyah of Information and Communication Technology, International Islamic University Malaysia,
2013
|
| Subjects: | |
| Online Access: | http://studentrepo.iium.edu.my/handle/123456789/5624 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| LEADER | 035110000a22003490004500 | ||
|---|---|---|---|
| 008 | 130313t2013 my a g m 000 0 eng d | ||
| 040 | |a UIAM |b eng | ||
| 041 | |a eng | ||
| 043 | |a a-my--- | ||
| 050 | 0 | 0 | |a TK5105.59 |
| 100 | 0 | |a Andi Fitriah Binti Abdul Kadir | |
| 245 | 1 | |a Analyzing the dynamics behaviour of fast-flux domain name system through visualization / |c by Andi Fitriah Binti Abdul Kadir | |
| 260 | |a Kuala Lumpur : |b Kulliyyah of Information and Communication Technology, International Islamic University Malaysia, |c 2013 | ||
| 300 | |a xxii, 176 leaves : |b ill. ; |c 30cm. | ||
| 500 | |a Abstracts in English and Arabic. | ||
| 500 | |a "A thesis submitted in fulfilment of the requirement for the degree of Master of Computer Science."--On t.p. | ||
| 502 | |a Thesis (MCS)--International Islamic University Malaysia, 2013. | ||
| 504 | |a Includes bibliographical references (leaves 162-167). | ||
| 520 | |a As attempts to thwart cyber crime have intensified, so have innovations in how cybercriminals' provision their infrastructure to dodge detection and take-down. Today, a growing, sophisticated technique called Fast-Flux Service Networks (FFSN) poses a major problem to Internet security. They are increasingly used in many illegal practices including money mule recruitment sites, distribution of malware downloads, illegal adult content and other forms of Internet fraud. Essentially, FFSN were first used as a Domain Name Server (DNS) switching mechanism that combine distributed command and control, web-based load-balancing, and proxy redirection. However, cybercriminals are making use of this technology to cover their tracks and avoid detection. As such, their criminal infrastructures stay up longer to get more victims. These issues are tackled by investigating the dynamics of FFSN by using k-Nearest Neighbor (kNN) classification method and data visualization technique. This combination can assist network administrators and security analyst to recognize the threats more easily and efficiently. In this study, over 500 domains are collected and monitored. By applying kNN classifier to the trained data, the presence of Single-Flux (SF), NS-Flux (NSF), and Double-Flux (DF) are observed. Subsequently, by scrutinizing and visualizing these fluxing domain names, the new types of fluxing designated as NS-Name-Flux(NF) and Nested-NS-Flux (NNF) are discovered. The analysis results of both NF and NNF exposed that FFSN have become extensively sophisticated and dynamic. This exemplifies that visualization is an alternative and effective data exploration method for understanding the complex behaviors of FFSN. | ||
| 596 | |a 1 | ||
| 650 | 0 | |a Internet |x Security measures | |
| 650 | 0 | |a Computer networks |x Security measures | |
| 650 | 0 | |a Information technology |x Security measures | |
| 655 | 7 | |a Theses, IIUM local | |
| 690 | |a Dissertations, Academic |x Department of Computer Science |z IIUM | ||
| 710 | 2 | |a International Islamic University Malaysia. |b Department of Computer Science | |
| 856 | 4 | |u http://studentrepo.iium.edu.my/handle/123456789/5624 | |
| 900 | |a sbh-zaj-zhmn | ||
| 999 | |c 435627 |c 435627 |d 467644 |d 467644 | ||
| 999 | |c 435627 |c 435627 |d 467644 |d 467644 | ||
| 952 | |0 0 |6 T TK 005105.59 A552A 2013 |7 0 |8 THESES |9 758782 |a IIUM |b IIUM |c MULTIMEDIA |g 0.00 |o t TK 5105.59 A552A 2013 |p 00011282824 |r 2017-10-20 |t 1 |v 0.00 |y THESIS | ||
| 952 | |0 0 |6 TS CDF TK 5105.59 A552A 2013 |7 0 |8 THESES |9 850575 |a IIUM |b IIUM |c MULTIMEDIA |g 0.00 |o ts cdf TK 5105.59 A552A 2013 |p 00011282825 |r 2017-10-26 |t 1 |v 0.00 |y THESISDIG | ||