Fast flux service networks detection model

Fast flux service networks (FFSNs) architecture employ DNS approach to establish a multi layer network on compromised machines to host their illegal online services. This architecture enables frequent change of IP addresses and name servers which frustrate the trace back and web taken down from the...

全面介紹

Saved in:
書目詳細資料
主要作者: Salleh , Mohd. Zaim
格式: Thesis
出版: 2010
主題:
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
id my-utm-ep.16426
record_format uketd_dc
spelling my-utm-ep.164262017-08-20T01:52:55Z Fast flux service networks detection model 2010 Salleh , Mohd. Zaim QA75 Electronic computers. Computer science Fast flux service networks (FFSNs) architecture employ DNS approach to establish a multi layer network on compromised machines to host their illegal online services. This architecture enables frequent change of IP addresses and name servers which frustrate the trace back and web taken down from the authorities. On internal network, the FFSNs can be detected via analysis on DNS data traffic monitoring. The DNS resource records can be passively collected by replicating the logged queries and requests on the collectors. These data can be use as a significant feature for detecting FFSN by filtering and classifying them. The potential candidate domain grouped for clustering by tagging with the similarity of their behaviour. The proposed detection mechanism can be integrated with other monitoring and detection tools for further increase and tighten up the network security. 2010 Thesis http://eprints.utm.my/id/eprint/16426/ http://libraryopac.utm.my/client/en_AU/main/search/detailnonmodal/ent:$002f$002fSD_ILS$002f0$002fSD_ILS:396407/one?qu=Fast+flux+service+networks+detection+model masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information System Faculty of Computer Science and Information System
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
topic QA75 Electronic computers
Computer science
spellingShingle QA75 Electronic computers
Computer science
Salleh , Mohd. Zaim
Fast flux service networks detection model
description Fast flux service networks (FFSNs) architecture employ DNS approach to establish a multi layer network on compromised machines to host their illegal online services. This architecture enables frequent change of IP addresses and name servers which frustrate the trace back and web taken down from the authorities. On internal network, the FFSNs can be detected via analysis on DNS data traffic monitoring. The DNS resource records can be passively collected by replicating the logged queries and requests on the collectors. These data can be use as a significant feature for detecting FFSN by filtering and classifying them. The potential candidate domain grouped for clustering by tagging with the similarity of their behaviour. The proposed detection mechanism can be integrated with other monitoring and detection tools for further increase and tighten up the network security.
format Thesis
qualification_level Master's degree
author Salleh , Mohd. Zaim
author_facet Salleh , Mohd. Zaim
author_sort Salleh , Mohd. Zaim
title Fast flux service networks detection model
title_short Fast flux service networks detection model
title_full Fast flux service networks detection model
title_fullStr Fast flux service networks detection model
title_full_unstemmed Fast flux service networks detection model
title_sort fast flux service networks detection model
granting_institution Universiti Teknologi Malaysia, Faculty of Computer Science and Information System
granting_department Faculty of Computer Science and Information System
publishDate 2010
_version_ 1747815040134676480