ČERMÁK, Milan. DNSAnomDet. 2014.
Basic information
Original name DNSAnomDet
Authors ČERMÁK, Milan.
Edition 2014.
Other information
Original language English
Type of outcome Software
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher Czech Republic
Confidentiality degree is not subject to a state or trade secret
Organization unit Institute of Computer Science
Keywords in English DNS; anomaly; detection; amplification attack; cybersquatting; open resolver; malware domains; tunneling
Technical parameters Open-source software implemented in Perl. The tool analyzes stored IPFIX data containing information from DNS traffic, using suitable filters for the freely available tool fbitdump. The results of all detections are either printed to standard output or sent to a configured e-mail address. Responsible person: Milan Čermák, Masaryk University, Institute of Computer Science, Botanická 68a, 602 00 Brno, tel.: +420 549 49 7140, e-mail: cermak@ics.muni.cz.
Changed by RNDr. Milan Čermák, Ph.D., učo 325314. Changed: 24. 5. 2014 20:44.
Abstract
DNSAnomDet is a suite of scripts that automate the detection of DNS traffic anomalies, using IP flows in the IPFIX format extended with information from DNS packets. The scripts focus on detecting cybersquatting, DNS amplification attacks, open DNS resolvers, malware domain queries, and DNS tunneling.
Type Name Uploaded/Created by Uploaded/Created Rights
DNSAnomDet.tar.gz Licence Čermák, M. 24. 5. 2014

Properties

Address within IS
https://is.muni.cz/auth/publication/1131184/DNSAnomDet.tar.gz
Address for the users outside IS
https://is.muni.cz/publication/1131184/DNSAnomDet.tar.gz
Address within Manager
https://is.muni.cz/auth/publication/1131184/DNSAnomDet.tar.gz?info
Address within Manager for the users outside IS
https://is.muni.cz/publication/1131184/DNSAnomDet.tar.gz?info
Uploaded/Created
Sat 24. 5. 2014 20:49, RNDr. Milan Čermák, Ph.D.

Rights

Right to read
  • anyone on the Internet
Right to administer:
  • a concrete person RNDr. Milan Čermák, Ph.D., učo 325314

DNSAnomDet.tar.gz

File type
GZIP archive (application/x-gzip)
Size
27,4 KB
Hash md5
7057582a08af80a2edfe5fa362190abb
Displayed: 21. 5. 2022 20:18