Characterizing Dark DNS Behavior

机译：表征黑暗DNS行为

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Security researchers and network operators increasingly rely on information gathered from honeypots and sensors deployed on dark-nets, or unused address space, for attack detection. While the attack traffic gleaned from such deployments has been thoroughly scrutinized, little attention has been paid to DNS queries targeting these addresses. In this paper, we introduce the concept of dark DNS, the DNS queries associated with darknet addresses, and characterize the data collected from a large operational network by our dark DNS sensor. We discuss the implications of sensor evasion via DNS reconnaissance and emphasize the importance of reverse DNS authority when deploying darknet sensors to prevent attackers from easily evading monitored darknets. Finally, we present honeydns, a tool that complements existing network sensors and low-interaction honeypots by providing simple DNS services.

机译：安全研究人员和网络运营商越来越依赖从蜜罐和部署在暗网或未使用的地址空间上的传感器收集的信息来进行攻击检测。尽管已经仔细检查了从此类部署中收集的攻击流量，但很少关注针对这些地址的DNS查询。在本文中，我们介绍了暗DNS的概念，与暗网地址相关联的DNS查询，并描述了由我们的暗DNS传感器从大型运营网络中收集的数据。我们讨论了通过DNS侦查逃避传感器的含义，并强调了在部署暗网传感器时防止DNS反向授权的重要性，以防止攻击者轻易逃避受监控的暗网。最后，我们介绍了honeydns，该工具通过提供简单的DNS服务来补充现有的网络传感器和低交互性蜜罐。

著录项

来源
《International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment(DIMVA 2007); 20070712-13; Lucerne(CH)》|2007年|P.140-156|共17页
会议地点 Lucerne(CH)
作者
Jon Oberheide; Manish Karir; Z. Morley Mao;
展开▼
作者单位

Electrical Engineering and Computer Science University of Michigan, Ann Arbor MI 48105;

Networking RD Merit Network Inc, Ann Arbor MI 48105;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
DNS; reconnaissance; honeypots; sensors; darknets;

机译：DNS;侦察;蜜罐;传感器;暗网;

相似文献

外文文献
中文文献
专利

1. 小麦类核糖核酸酶基因(WRN1)cDNA在自然衰老和黑暗诱导衰老条件下的表达 [J] . 常胜合, 英加, 张吉军, 植物学报（英文版） . 2003,第009期
2. Visualizing and characterizing DNS lookup behaviors via log-mining [J] . Lai Qingnan, Zhou Changling, Ma Hao, Neurocomputing . 2015,第deca2期

机译：通过日志挖掘可视化和表征DNS查找行为
3. A Review of Nanoscale Characterizing Individual DNA Behaviors Using Atomic Force Microscopy [J] . Mi Li, Dan Dang, Ning Xi, IEEE transactions on nanotechnology . 2018,第5期

机译：使用原子力显微镜纳米表征单个DNA行为的综述。
4. Development of a clusterwise-linear-regression-based forecasting system for characterizing DNAPL dissolution behaviors in porous media [J] . S. Wang, G.H. Huang, L. He Science of the total environment . 2012,第SEPa1期

机译：基于聚类线性回归的预测系统的开发，用于表征多孔介质中DNAPL的溶解行为
5. Characterizing Dark DNS Behavior [C] . Jon Oberheide, Manish Karir, Z. Morley Mao International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment . 2007

机译：表征暗DNS行为
6. A Psychosocial Behavioral Attribution Model: Examining the Relationship between the 'Dark Triad' and Cyber-Criminal Behaviors Impacting Social Networking Sites [D] . Withers, Kim L. 2019

机译：社会心理行为归因模型：研究“黑社会”与影响社交网站的网络犯罪行为之间的关系
7. Mutations in the PH Domain of DNM1 are associated with a nonepileptic phenotype characterized by developmental delay and neurobehavioral abnormalities [O] . Emily Brereton, Emily Fassi, Gabriel C. Araujo, 2018

机译：DNM1的PH结构域中的突变与一种以发育迟缓和神经行为异常为特征的非癫痫性表型有关
8. Characterizing dark dns behavior [O] . Jon Oberheide, Manish Karir, Z. Morley Mao, 2007

机译：表征深色DNS行为

Characterizing Dark DNS Behavior

摘要

著录项

相似文献

相关主题

期刊订阅