DNS-Class: Immediate classification of IP flows using DNS
| Author | Foremski P.; Callegari C.; Pagano M. |
|---|---|
| Title | DNS-Class: Immediate classification of IP flows using DNS |
| Journal | International Journal of Network Management |
| Year | 2014 |
| Status | Published |
| URL | https://www.iitis.pl/ pjf/pub/2014-dnsclass-preprint.pdf |
| Abstract | Nowadays we see a tremendous growth of the Internet, especially in terms of the amount of data being transmitted and new network protocols being introduced. This poses a challenge for network administrators, who need adequate tools for network management. Recent findings show that DNS can contribute valuable information on IP flows and improve traffic visibility in a computer network. In this paper, we apply these findings on DNS to propose a novel traffic classification algorithm with interesting features. We experimentally show that the information carried in domain names and port numbers is sufficient for immediate classification of a highly significant portion of the traffic. We present DNS-Class: an innovative, fast, and reliable flow-based traffic classification algorithm, which on average yields 99.8% of True Positives and |
| ISSN | 1099-1190 |