Towards a Passive DNS Monitoring System
Deri Luca;Martinelli Maurizio;Vannozzi Daniele
2012
Abstract
The domain name system (DNS) is a complex distributed database on which several Internet services rely. As its monitoring is critical, researchers and Internet service providers continuously monitor DNS traffic to identify anomalies, measure performance, and generate usage statistics. This paper looks at DNS traffic from a different perspective; it covers the design and implementation of a passive DNS monitoring system whose goal is to understand trends, characterize economic relationships, and track suspicious activities. The system described in this paper manages the .it country code Top Level Domain (ccTLD). Deployed on the .it authoritative name servers, it now permanently monitors all .it DNS traffic.