Re: references for use of DNS query logs and responses for network security

[Valdis Kletnieks <Valdis.Kletnieks () VT EDU>]

On Tue, 03 Feb 2009 20:21:36 +1300, Russell Fulton said:

> An academic colleague is about to take on a post grad student to do
> some work in this area and I was wondering if anyone can give them a
> start on the literature search.

Not directly related to security, but Evi Nemeth from CAIDA did a really
nice NANOG presentation about how 98% of the DNS traffic arriving at one
of the root servers was busticated in one way or another:

http://www.nanog.org/meetings/nanog24/abstracts.php?pt=OTIxJm5hbm9nMjQ=&nm=nanog24

Duane Wessels did an update a few NANOGs later:

http://www.nanog.org/meetings/nanog29/abstracts.php?pt=Njc5Jm5hbm9nMjk=&nm=nanog29

(Go to http://www.nanog.org/presentations/archive/index.php and search for 'DNS'
and you'll get a lot of other hits.  I'll note that CAIDA and similar may not
be suitable starts for the lit search, because they focus on actual real-world
numbers rather than academic posturing... ;)

Attachment: _bin
Description: