翻訳と辞書 (Translation and Dictionary)
DNS analytics : Wikipedia (English edition)

DNS Analytics is the surveillance (collection and analysis) of DNS traffic within a computer network. Such analysis of DNS traffic has a significant application within information security and computer forensics, primarily when identifying insider threats, malware, cyberweapons, and ''advanced persistent threat'' (APT) campaigns within computer networks.

Because DNS Analytics works on the communications between DNS clients and DNS servers during the resolution of DNS queries and updates, it may include tasks such as request logging, historical monitoring by node, tabulation of request count quantities, and calculations based on network traffic requests.

While a primary driver for DNS Analytics is security, as described below, another motivation is understanding the traffic of a network so that it can be evaluated for improvements or optimization. For example, DNS Analytics can be used to gather data on a lab where a large number of related requests for PC software updates are made. Given this finding, a local update server may be installed to improve the network.

==Published Research==

Research within the public domain shows that state-sponsored malware and APT campaigns exhibit DNS ''indicators of compromise'' (IOC). Since June 2010, analysis of cyberweapon platforms and agents has been undertaken by labs including Kaspersky Lab, ESET, Symantec, McAfee, Norman Safeground, and Mandiant.

The findings as released by these organizations include detailed analysis of Stuxnet [cited: "Stuxnet Under the Microscope"], Flame [cited: "The Roof is on Fire - Tracking Flames C&C Servers"], Hidden Lynx [cited: "Hidden Lynx"], Operation Troy [cited: "Dissecting Operation Troy"], The NetTraveler [cited: "The Nettraveler, Part 1"], Operation Hangover [cited: "Unveiling an Indian Cyberattack Infrastructure"], Mandiant APT1 [cited: "Mandiant APT1 Report"], and Careto [cited: "Unveiling the Mask"]. These malware and APT campaigns can be reliably identified within computer networks through the use of DNS analytics tools.
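The tasks listed above (request logging, per-node history, request count tabulation) and the IOC matching described under Published Research can be sketched over a DNS query log. This is an added example, not part of the original article; the log format, IP addresses, domain names and the indicator list are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample log, one query per line: "<ISO timestamp> <client IP> <qtype> <qname>".
# The format, addresses and domain names are illustrative assumptions (reserved example ranges).
SAMPLE_LOG = """\
2016-03-01T09:00:01Z 192.0.2.10 A updates.vendor.example.
2016-03-01T09:00:02Z 192.0.2.11 A updates.vendor.example.
2016-03-01T09:00:04Z 192.0.2.12 A Updates.Vendor.Example
2016-03-01T09:00:09Z 192.0.2.10 A www.intranet.example
2016-03-01T09:01:15Z 192.0.2.12 TXT c2.badhost.example
2016-03-01T09:02:30Z 192.0.2.12 A c2.badhost.example
malformed line without enough fields
"""

# Constructed indicator list standing in for IOC domains from a published report.
IOC_DOMAINS = {"badhost.example"}

def normalize(qname):
    """DNS names are case-insensitive; drop the trailing root dot too."""
    return qname.rstrip(".").lower()

def matches_ioc(qname, iocs):
    """True if qname equals an IOC domain or is a subdomain of one."""
    labels = qname.split(".")
    return any(".".join(labels[i:]) in iocs for i in range(len(labels)))

def analyze(log_text, iocs, min_clients=3):
    per_client = Counter()              # request count per node
    clients_by_name = defaultdict(set)  # which nodes asked for each name
    ioc_hits = []                       # (timestamp, client, qname) for review
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue                    # skip lines that do not fit the format
        ts, client, _qtype, qname = fields
        qname = normalize(qname)
        per_client[client] += 1
        clients_by_name[qname].add(client)
        if matches_ioc(qname, iocs):
            ioc_hits.append((ts, client, qname))
    # Names requested by many distinct nodes: candidates for a local mirror or cache.
    shared = sorted(n for n, c in clients_by_name.items() if len(c) >= min_clients)
    return per_client, shared, ioc_hits

if __name__ == "__main__":
    counts, shared, hits = analyze(SAMPLE_LOG, IOC_DOMAINS)
    print("requests per node:", dict(counts))
    print("widely requested names:", shared)
    print("IOC hits:", hits)
```

Matching on label boundaries rather than substrings keeps a name such as `notbadhost.example` from being flagged by the `badhost.example` indicator.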
Excerpt source: Wikipedia, the free encyclopedia