Title :
DNS Based Spam Bots Detection in a University
Author :
Romaa, D.A.L. ; Kubota, Shinichiro ; Sugitani, Kenichi ; Musashi, Yasuo
Author_Institution :
Grad. Sch. of Sci. & Technol., Kumamoto Univ., Kumamoto
Abstract :
We carried out an entropy study on the DNS query traffic from the outside of a university campus network to the top domain DNS server when querying about reverse resolution on the PC room terminals through April 1st, 2007 to April 30th, 2008. The following interesting results are given: (1) In January 17th, 2008, the DNS query traffic is mainly dominated by several specific IP addresses as their query keywords. (2) We carried out forensic analysis on the PC room terminals in which IP addresses are found in the several specific keywords and it is concluded that the PCs become spam bots when inserting USB based key disk storage.
Keywords :
IP networks; Internet; educational computing; educational institutions; entropy; network servers; query processing; security of data; telecommunication traffic; DNS query traffic; DNS server; IP addresses; USB based key disk storage; entropy; forensic analysis; spam bots detection; university campus network; Entropy; Forensics; Frequency estimation; Information technology; Intelligent networks; Intelligent systems; Multimedia systems; Network servers; Telecommunication traffic; Unsolicited electronic mail; Bots; Campus Network; DNS based Detection; Spam Bots;
Conference_Titel :
Intelligent Networks and Intelligent Systems, 2008. ICINIS '08. First International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-0-7695-3391-9
Electronic_ISBN :
978-0-7695-3391-9
DOI :
10.1109/ICINIS.2008.54
