Title :
Preprocessing DNS Log Data for Effective Data Mining
Author :
Snyder, Mark E. ; Sundaram, Ravi ; Thakur, Mayur
Author_Institution :
Dept. of Comput. Sci., Missouri S&T, Rolla, MO, USA
Abstract :
The domain name service (DNS) provides a critical function in directing Internet traffic. Defending DNS servers from bandwidth attacks is assisted by the ability to effectively mine DNS log data for statistical patterns. Processing DNS log data can be classified as a data-intensive problem, and as such presents challenges unique to this class of problem. When problems occur in capturing log data, or when the DNS server experiences an outage (scheduled or unscheduled), the normal pattern of traffic for that server becomes clouded. Simple linear interpolation of the holes in the data does not preserve features such as peaks in traffic (which can occur during an attack, making them of particular interest). We demonstrate a method for estimating values for missing portions of time sensitive DNS log data. This method would be suitable for use with a variety of datasets containing time series values where certain portions are missing.
Keywords :
Internet; data mining; security of data; statistical analysis; telecommunication traffic; DNS servers; Internet traffic; bandwidth attacks; data mining; data-intensive problem; domain name service log data; statistical patterns; Communications Society; Computer science; Data mining; Information science; Interpolation; Network servers; Peer to peer computing; USA Councils; Web and internet services; Web server;
Conference_Titel :
Communications, 2009. ICC '09. IEEE International Conference on
Conference_Location :
Dresden
Print_ISBN :
978-1-4244-3435-0
Electronic_ISBN :
1938-1883
DOI :
10.1109/ICC.2009.5199359
