Universiti Teknologi Malaysia Institutional Repository

Fast flux service networks detection model

Salleh, Mohd. Zaim (2010) Fast flux service networks detection model. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information System.

Full text not available from this repository.

Official URL: http://libraryopac.utm.my/client/en_AU/main/search...

Abstract

Fast flux service network (FFSN) architectures employ a DNS-based approach to establish a multi-layer network on compromised machines to host illegal online services. This architecture enables frequent changes of IP addresses and name servers, which frustrates trace-back and website takedown by the authorities. On an internal network, FFSNs can be detected by analysing monitored DNS traffic. The DNS resource records can be passively collected by replicating the logged queries and requests on the collectors. These data can be used as a significant feature for detecting FFSNs by filtering and classifying them. The potential candidate domains are grouped for clustering by tagging them according to the similarity of their behaviour. The proposed detection mechanism can be integrated with other monitoring and detection tools to further tighten network security.

Item Type: Thesis (Masters)
Additional Information: Supervisor: Dr. Rabiah Ahmad; Thesis (Master of Science (Computer Science - Information Security)) - Universiti Teknologi Malaysia 2010
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Computer Science and Information System
ID Code: 16426
Deposited By: Zalinda Shuratman
Deposited On: 06 Jul 2017 01:02
Last Modified: 20 Aug 2017 01:52