Title :
Visual Detection of Anomalies in DNS Query Log Data
Author :
Guihua Shan ; Yang Wang ; Maojin Xie ; Haopu Lv ; Xuebin Chi
Author_Institution :
Comput. Network Inf. Center, Beijing, China
Abstract :
DNS (Domain Name System) is an essential component of the functionality of the Internet, which converts domain names to the IP addresses. The security of DNS is related to the whole Internet. DNS query log file provide the insights of the DNS security. In this paper we propose an interactive visual analysis system for the DNS log files to intuitively detect the anomalies in DNS query logs. With a theme river based ranking visualization linked with Heat-Dial-map and tree map, user could easy identify anomalies and then further analyze regional and temporal features to help the administrators figure out the reason. Moreover, the features of DNS queries in time and region could also be analysis with this system.
Keywords :
IP networks; Internet; computer network security; data visualisation; interactive systems; query processing; tree data structures; DNS query log data; DNS query log file; DNS security; Heat-Dial-map; IP addresses; Internet; domain name system; interactive visual analysis system; regional feature analysis; river-based ranking visualization; temporal feature analysis; tree map; visual anomaly detection; Data visualization; Heating; Image color analysis; Internet; Market research; Rivers; Visualization; DNS; abnormal detection; ranking;
Conference_Titel :
Visualization Symposium (PacificVis), 2014 IEEE Pacific
Conference_Location :
Yokohama
DOI :
10.1109/PacificVis.2014.23
