IIUM Repository

Behavioral analysis and visualization of Fast-Flux DNS

A. Kadir, Andi Fitria and R. Othman, R. Azrina and A. Aziz, Normaziah (2012) Behavioral analysis and visualization of Fast-Flux DNS. In: Intelligence and Security Informatics Conference (EISIC), 2012 European, 22 - 24 August, 2012, Odense, Denmark.


Abstract

Today, a growing, sophisticated technique called Fast-Flux Service Networks (FFSN) poses a major problem to Internet security. FFSN are increasingly used in many illegal practices, including money mule recruitment sites, distribution of malware downloads, illegal adult content, and other forms of Internet fraud. Essentially, FFSN were first used as a Domain Name Server (DNS) switching mechanism that combines distributed command and control, web-based load balancing, and proxy redirection. However, cyber criminals are applying various techniques to subvert detection, retain uptime of their information infrastructure and maximize their financial gain. Hence, this paper proposes to analyze and visualize the behavior of FFSN in order to facilitate FFSN detection. In this study, we collect, classify and monitor over 500 domains, and by scrutinizing and visualizing the trained data, we discover new types of fluxing designated as NSName-Flux (NF). The analysis results of NF expose that FFSN have become extensively sophisticated and dynamic. This exemplifies that visualization is an alternative and effective data exploration method for understanding the complex behaviors of FFSN.

Item Type: Conference or Workshop Item (Full Paper)
Additional Information: 5505/28616
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Kulliyyahs/Centres/Divisions/Institutes: Kulliyyah of Information and Communication Technology
Depositing User: Assoc. Pro Normaziah Abdul Aziz
Date Deposited: 18 Jan 2013 14:38
Last Modified: 13 Feb 2013 18:16
URI: http://irep.iium.edu.my/id/eprint/28616
