FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3006390257> ?p ?o ?g. }

• W3006390257 endingPage "122" @default.
• W3006390257 startingPage "112" @default.
• W3006390257 abstract "DNS (Domain Name System) based name resolution is one of the most fundamental Internet services for both of the Internet users and Internet service providers. In normal DNS based name resolution process, the corresponding NS (Name Server) records are required prior to sending a DNS query to the authoritative DNS servers. However, in recent years, DNS based botnet communication has been observed in which botnet related network traffic is transferred via DNS queries and responses. In particular, it has been observed that, in some types of malware, DNS queries will be sent to the C&C servers using an IP address directly without obtaining the corresponding NS records in advance. In this paper, we propose a novel mechanism to detect and block abnormal DNS traffic by analyzing the achieved NS record history in intranet. In the proposed mechanism, all DNS traffic of an intranet will be captured and analyzed in order to extract the legitimate NS records and the corresponding glue A records (the IP address(es) of a name server) which will be stored in a white list database. Then all the outgoing DNS queries will be checked and those destined to the IP addresses that are not included in the white list will be blocked as abnormal DNS traffic. We have implemented a prototype system and evaluated the functionality in an SDN-based experimental network. The results showed that the prototype system worked well as we expected and accordingly we consider that the proposed mechanism is capable of detecting and blocking some specific types of abnormal DNS-based botnet communication." @default.
• W3006390257 created "2020-02-24" @default.
• W3006390257 creator A5037952139 @default.
• W3006390257 creator A5057456496 @default.
• W3006390257 creator A5069097911 @default.
• W3006390257 creator A5072161978 @default.
• W3006390257 date "2020-01-01" @default.
• W3006390257 modified "2023-10-17" @default.
• W3006390257 title "NS record History Based Abnormal DNS traffic Detection Considering Adaptive Botnet Communication Blocking" @default.
• W3006390257 cites W1828150029 @default.
• W3006390257 cites W1989598342 @default.
• W3006390257 cites W2065323196 @default.
• W3006390257 cites W2154874878 @default.
• W3006390257 cites W2174520777 @default.
• W3006390257 cites W2242094442 @default.
• W3006390257 cites W2291150993 @default.
• W3006390257 cites W2730672749 @default.
• W3006390257 cites W2903858243 @default.
• W3006390257 cites W2921163783 @default.
• W3006390257 cites W2946879263 @default.
• W3006390257 cites W4213362721 @default.
• W3006390257 cites W85558978 @default.
• W3006390257 doi "https://doi.org/10.2197/ipsjjip.28.112" @default.
• W3006390257 hasPublicationYear "2020" @default.
• W3006390257 type Work @default.
• W3006390257 sameAs 3006390257 @default.
• W3006390257 citedByCount "5" @default.
• W3006390257 countsByYear W30063902572020 @default.
• W3006390257 countsByYear W30063902572021 @default.
• W3006390257 countsByYear W30063902572023 @default.
• W3006390257 crossrefType "journal-article" @default.
• W3006390257 hasAuthorship W3006390257A5037952139 @default.
• W3006390257 hasAuthorship W3006390257A5057456496 @default.
• W3006390257 hasAuthorship W3006390257A5069097911 @default.
• W3006390257 hasAuthorship W3006390257A5072161978 @default.
• W3006390257 hasBestOaLocation W30063902571 @default.
• W3006390257 hasConcept C105320234 @default.
• W3006390257 hasConcept C110875604 @default.
• W3006390257 hasConcept C136764020 @default.
• W3006390257 hasConcept C144745244 @default.
• W3006390257 hasConcept C22735295 @default.
• W3006390257 hasConcept C2778059363 @default.
• W3006390257 hasConcept C31258907 @default.
• W3006390257 hasConcept C35026560 @default.
• W3006390257 hasConcept C38652104 @default.
• W3006390257 hasConcept C41008148 @default.
• W3006390257 hasConcept C93996380 @default.
• W3006390257 hasConceptScore W3006390257C105320234 @default.
• W3006390257 hasConceptScore W3006390257C110875604 @default.
• W3006390257 hasConceptScore W3006390257C136764020 @default.
• W3006390257 hasConceptScore W3006390257C144745244 @default.
• W3006390257 hasConceptScore W3006390257C22735295 @default.
• W3006390257 hasConceptScore W3006390257C2778059363 @default.
• W3006390257 hasConceptScore W3006390257C31258907 @default.
• W3006390257 hasConceptScore W3006390257C35026560 @default.
• W3006390257 hasConceptScore W3006390257C38652104 @default.
• W3006390257 hasConceptScore W3006390257C41008148 @default.
• W3006390257 hasConceptScore W3006390257C93996380 @default.
• W3006390257 hasIssue "0" @default.
• W3006390257 hasLocation W30063902571 @default.
• W3006390257 hasLocation W30063902572 @default.
• W3006390257 hasOpenAccess W3006390257 @default.
• W3006390257 hasPrimaryLocation W30063902571 @default.
• W3006390257 hasRelatedWork W1513626637 @default.
• W3006390257 hasRelatedWork W1954903228 @default.
• W3006390257 hasRelatedWork W2009636435 @default.
• W3006390257 hasRelatedWork W2033818207 @default.
• W3006390257 hasRelatedWork W2336393324 @default.
• W3006390257 hasRelatedWork W2934080905 @default.
• W3006390257 hasRelatedWork W3013180214 @default.
• W3006390257 hasRelatedWork W3080777947 @default.
• W3006390257 hasRelatedWork W3133848745 @default.
• W3006390257 hasRelatedWork W90902614 @default.
• W3006390257 hasVolume "28" @default.
• W3006390257 isParatext "false" @default.
• W3006390257 isRetracted "false" @default.
• W3006390257 magId "3006390257" @default.
• W3006390257 workType "article" @default.