Detecting anomalies in DNS protocol traces via Passive Testing and Process Mining

Saint-Pierre Cortés, Cecilia; Cifuentes, F; Bustos-Jiménez, J.

Detecting anomalies in DNS protocol traces via Passive Testing and Process Mining

dc.contributor.author	Saint-Pierre Cortés, Cecilia
dc.contributor.author	Cifuentes, F
dc.contributor.author	Bustos-Jiménez, J.
dc.date.accessioned	2022-05-13T19:15:18Z
dc.date.available	2022-05-13T19:15:18Z
dc.date.issued	2014
dc.description.abstract	In this article we present our first approach in using Passive Testing (used in protocol and software conformance checking) and Process Mining (used in enterprise workflow analysis) techniques for analyzing DNS operation traces. We propose a process approach for DNS protocol, modeling it as a sequence of structured activities, queries and responses that are executed by actors, in this case clients and servers, with the objective of exchange some valuable information. As an example, we applied our techniques over A Day in Internet Life DNS traces for showing how easily a mail bonnet attack can be discovered. We conclude that with our first approach this techniques have promising future in order to analyze DNS traces, and plan to extend the testing for conformance against the formal definition of DNS presented in the RFC 1035.
dc.fuente.origen	IEEE
dc.identifier.doi	10.1109/CNS.2014.6997534
dc.identifier.isbn	978-1479958900
dc.identifier.uri	https://doi.org/10.1109/CNS.2014.6997534
dc.identifier.uri	https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6997534
dc.identifier.uri	https://repositorio.uc.cl/handle/11534/63882
dc.information.autoruc	Escuela de ingeniería ; Saint-Pierre Cortes, Cecilia Cristina ; S/I ; 224680
dc.language.iso	en
dc.nota.acceso	Contenido parcial
dc.publisher	IEEE
dc.relation.ispartof	IEEE Conference on Communications and Network Security (2014 : San Francisco, CA, Estados Unidos)
dc.rights	acceso restringido
dc.subject	Protocols
dc.subject	Testing
dc.subject	Servers
dc.subject	Internet
dc.subject	Business
dc.subject	Electronic mail
dc.subject	Data mining
dc.title	Detecting anomalies in DNS protocol traces via Passive Testing and Process Mining	es_ES
dc.type	comunicación de congreso
sipa.codpersvinculados	224680

Files

Original bundle

Now showing 1 - 1 of 1

Name:: Detecting anomalies in DNS protocol traces via Passive Testing and Process Mining.pdf
Size:: 2.66 KB
Format:: Adobe Portable Document Format
Description:

Download

Collections

Artículos de conferencia