DNS-Class: immediate classification of IP flows using DNS

DNS-Class: immediate classification of IP flows using DNS

SUMMARY Nowadays we see a tremendous growth of the Internet, especially in terms of the amont of data being transmitted and new network protocols being introduced. This poses a challenge for network administrators, who need adequate tools for network management. Recent findings show that DNS can con...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of network management 2014-07, Vol.24 (4), p.272-288
Hauptverfasser: Foremski, Paweł, Callegari, Christian, Pagano, Michele
Format: Artikel
Sprache:eng
Schlagworte:
Algorithms
Classification
Domain names
Intellectual property
Internet
Networks
Source code
Traffic engineering
Traffic flow
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:SUMMARY Nowadays we see a tremendous growth of the Internet, especially in terms of the amont of data being transmitted and new network protocols being introduced. This poses a challenge for network administrators, who need adequate tools for network management. Recent findings show that DNS can contribute valuable information on IP flows and improve traffic visibility in a computer network. In this paper, we apply these findings on DNS to propose a novel traffic classification algorithm with interesting features. We experimentally show that the information carried in domain names and port numbers is sufficient for immediate classification of a highly significant portion of the traffic. We present DNS‐Class: an innovative, fast and reliable flow‐based traffic classification algorithm, which on average yields 99.8% of true positives and 
ISSN:1055-7148
1099-1190
DOI:10.1002/nem.1864