Inferring relative popularity of internet applications by actively querying DNS caches

Wills, Craig E.; Михайлов, М. М.; Shang, Hao

doi:10.1145/948213.948216

Cited by 6 publications

(7 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such efforts would be especially useful if a media server with many audio and video encoding rates and choices were specifically studied. Existing techniques that actively query DNS caches such as in Wills et al [2003] could provide complementary information about the popularity of Web sites with stored audio and video.…”

Section: Future Workmentioning

confidence: 99%

Characteristics of streaming media stored on the Web

Claypool

Kinicki

et al. 2005

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

Despite the growth in multimedia, there have been few studies that focus on characterizing streaming audio and video stored on the Web. This investigation used a customized Web crawler to traverse 17 million Web pages from diverse geographic locations and identify nearly 30,000 streaming audio and video clips available for analysis. Using custom-built extraction tools, these streaming media objects were analyzed to determine attributes such as media type, encoding format, playout duration, bitrate, resolution, and codec. The streaming media content encountered is dominated by proprietary audio and video formats with the top four commercial products being RealPlayer, Windows Media Player, MP3 and QuickTime. The distribution of the stored playout durations of streaming audio and video clips are long-tailed. More than half of the streaming media clips encountered are video, encoded primarily for broadband connections and at resolutions considerably smaller than the resolutions of typical monitors.

show abstract

Section: Future Workmentioning

confidence: 99%

Characteristics of streaming media stored on the Web

Claypool

Kinicki

et al. 2005

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

show abstract

“…During this stage, a detection mechanism is provided to analyze DNS traffic and detect possible communication instabilities and DNS anomalies (Choi et al, 2007;Villamarín-Salomón and Brustoloni, 2008). It was shown in Cranor et al (2001) and Wills et al (2003) that DNS queries provide information regarding botnet existence and help find the location of the C&C server. Normally bots communicate within a single administrative domain and it is easy to measure the relationship between the bots and the C&C mechanism by analyzing different domain attributes such as the lifetime of the domain, time to live (TTL) of the query, page ranking of domains, and how frequently a query is applied.…”

Section: Botnet Detection Based On the Dns Protocolmentioning

confidence: 99%

“…P2P has become a major source of illegal activities of content sharing, due to a lack of Modeling botnet propagation using time zones Ability to predict future botnets Focusing on centralized C&C (Wills et al, 2003) Botnet detection by inferring the usage pattern of applications…”

Section: Botnet Detection Based On P2p Protocolsmentioning

confidence: 99%

Botnet detection techniques: review, future trends, and issues

Karim

Salleh

Shiraz

et al. 2014

J. Zhejiang Univ. - Sci. C

107

View full text Add to dashboard Cite

In recent years, the Internet has enabled access to widespread remote services in the distributed computing environment; however, integrity of data transmission in the distributed computing platform is hindered by a number of security issues. For instance, the botnet phenomenon is a prominent threat to Internet security, including the threat of malicious codes. The botnet phenomenon supports a wide range of criminal activities, including distributed denial of service (DDoS) attacks, click fraud, phishing, malware distribution, spam emails, and building machines for illegitimate exchange of information/materials. Therefore, it is imperative to design and develop a robust mechanism for improving the botnet detection, analysis, and removal process. Currently, botnet detection techniques have been reviewed in different ways; however, such studies are limited in scope and lack discussions on the latest botnet detection techniques. This paper presents a comprehensive review of the latest state-of-the-art techniques for botnet detection and figures out the trends of previous and current research. It provides a thematic taxonomy for the classification of botnet detection techniques and highlights the implications and critical aspects by qualitatively analyzing such techniques. Related to our comprehensive review, we highlight future directions for improving the schemes that broadly span the entire botnet detection research field and identify the persistent and prominent research challenges that remain open.

show abstract

“…Grangeia [11] provides an excellent review of how to remotely inspect a cache for evidence of a specific lookup (e.g., www.nytimes.com). Remote cache inspection of this type has been used for a number of measurement studies that include, for example, inferring the relative popularity of websites [12] and tracking malware infections [13]. In contrast, in this paper we explore how DNS prefetching amplifies new privacy threats, allowing one to gain far more insights than these prior techniques envisioned.…”

Section: Related Workmentioning

confidence: 99%

An empirical study of the performance, security and privacy implications of domain name prefetching

Krishnan

Monrose

2011

2011 IEEE/IFIP 41st International Conference on Dependable Systems &Amp; Networks (DSN)

View full text Add to dashboard Cite

An increasingly popular technique for decreasing user-perceived latency while browsing the Web is to optimistically pre-resolve (or prefetch) domain name resolutions. In this paper, we present a large-scale evaluation of this practice using data collected over the span of several months, and show that it leads to noticeable increases in load on name servers-with questionable caching benefits. Furthermore, to assess the impact that prefetching can have on the deployment of security extensions to DNS (DNSSEC), we use a custom-built cache simulator to perform trace-based simulations using millions of DNS requests and responses collected campuswide. We also show that the adoption of domain name prefetching raises privacy issues. Specifically, we examine how prefetching amplifies information disclosure attacks to the point where it is possible to infer the context of searches issued by clients.

show abstract

Inferring relative popularity of internet applications by actively querying DNS caches

Cited by 6 publications

References 0 publications

Characteristics of streaming media stored on the Web

Characteristics of streaming media stored on the Web

Botnet detection techniques: review, future trends, and issues

An empirical study of the performance, security and privacy implications of domain name prefetching

Contact Info

Product

Resources

About