Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Sunday, July 28, 2013

Big Data for Security: On Using DNS Logs for Security Threat Detection


I am particularly interested in the area resulting from the intersection of the following topics: big data for security, big data analytics, distributed programming and data analysis solutions, security and cloud.

 

In particular I am interested in public case studies, business cases and trials involving the usage of (large amounts of) DNS data to detect new security threats and issues.

 

Here are some key related works and approaches:

· EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis
· Large scale DNS analysis
· DNS-based Detection of Scanning Worms in an Enterprise Network


--- Posted by Marco Casassa Mont ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---
