{"id":"https://openalex.org/W2158020318","doi":"https://doi.org/10.1109/dsnw.2013.6615506","title":"Investigating DNS traffic anomalies for malicious activities","display_name":"Investigating DNS traffic anomalies for malicious activities","publication_year":2013,"publication_date":"2013-06-01","ids":{"openalex":"https://openalex.org/W2158020318","doi":"https://doi.org/10.1109/dsnw.2013.6615506","mag":"2158020318"},"language":"en","primary_location":{"id":"doi:10.1109/dsnw.2013.6615506","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsnw.2013.6615506","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042677090","display_name":"Yarochkin Fyodor","orcid":null},"institutions":[{"id":"https://openalex.org/I16733864","display_name":"National Taiwan University","ror":"https://ror.org/05bqach95","country_code":"TW","type":"education","lineage":["https://openalex.org/I16733864"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Fyodor Yarochkin","raw_affiliation_strings":["Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I16733864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000775312","display_name":"Vladimir Kropotov","orcid":null},"institutions":[{"id":"https://openalex.org/I16733864","display_name":"National Taiwan University","ror":"https://ror.org/05bqach95","country_code":"TW","type":"education","lineage":["https://openalex.org/I16733864"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Vladimir Kropotov","raw_affiliation_strings":["Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I16733864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050224370","display_name":"Yennun Huang","orcid":"https://orcid.org/0000-0001-9312-0113"},"institutions":[{"id":"https://openalex.org/I16733864","display_name":"National Taiwan University","ror":"https://ror.org/05bqach95","country_code":"TW","type":"education","lineage":["https://openalex.org/I16733864"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Yennun Huang","raw_affiliation_strings":["Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I16733864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111965275","display_name":"Guo-Kai Ni","orcid":null},"institutions":[{"id":"https://openalex.org/I16733864","display_name":"National Taiwan University","ror":"https://ror.org/05bqach95","country_code":"TW","type":"education","lineage":["https://openalex.org/I16733864"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Guo-Kai Ni","raw_affiliation_strings":["Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I16733864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043885374","display_name":"Sy\u2010Yen Kuo","orcid":"https://orcid.org/0000-0002-3021-8321"},"institutions":[{"id":"https://openalex.org/I16733864","display_name":"National Taiwan University","ror":"https://ror.org/05bqach95","country_code":"TW","type":"education","lineage":["https://openalex.org/I16733864"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Sy-Yen Kuo","raw_affiliation_strings":["Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I16733864"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082260092","display_name":"Ing-Yi Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I118292597","display_name":"National Taipei University of Technology","ror":"https://ror.org/00cn92c09","country_code":"TW","type":"education","lineage":["https://openalex.org/I118292597"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Ing-Yi Chen","raw_affiliation_strings":["Department of Computer Science and Information Engineering, National Taipei University of Technology, Taipei, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Information Engineering, National Taipei University of Technology, Taipei, Taiwan","institution_ids":["https://openalex.org/I118292597"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.7545,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.77781226,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.8873915076255798},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.7786394357681274},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.7008440494537354},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6938604116439819},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6911776065826416},{"id":"https://openalex.org/keywords/internet-traffic","display_name":"Internet traffic","score":0.540992796421051},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5387872457504272},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.49866390228271484},{"id":"https://openalex.org/keywords/internet-layer","display_name":"Internet layer","score":0.4833090305328369},{"id":"https://openalex.org/keywords/internet-security","display_name":"Internet security","score":0.4644603133201599},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.45681604743003845},{"id":"https://openalex.org/keywords/name-server","display_name":"Name server","score":0.41233396530151367},{"id":"https://openalex.org/keywords/internet-protocol","display_name":"Internet Protocol","score":0.3044355511665344},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2723933458328247},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1557949185371399},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.10470083355903625}],"concepts":[{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.8873915076255798},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.7786394357681274},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.7008440494537354},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6938604116439819},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6911776065826416},{"id":"https://openalex.org/C63969886","wikidata":"https://www.wikidata.org/wiki/Q3536440","display_name":"Internet traffic","level":3,"score":0.540992796421051},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5387872457504272},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.49866390228271484},{"id":"https://openalex.org/C146739243","wikidata":"https://www.wikidata.org/wiki/Q2910948","display_name":"Internet layer","level":4,"score":0.4833090305328369},{"id":"https://openalex.org/C22111027","wikidata":"https://www.wikidata.org/wiki/Q1070427","display_name":"Internet security","level":4,"score":0.4644603133201599},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.45681604743003845},{"id":"https://openalex.org/C105320234","wikidata":"https://www.wikidata.org/wiki/Q41494","display_name":"Name server","level":3,"score":0.41233396530151367},{"id":"https://openalex.org/C35341882","wikidata":"https://www.wikidata.org/wiki/Q8795","display_name":"Internet Protocol","level":3,"score":0.3044355511665344},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2723933458328247},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1557949185371399},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.10470083355903625}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/dsnw.2013.6615506","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsnw.2013.6615506","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.4399999976158142}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W6983256","https://openalex.org/W129105937","https://openalex.org/W188174107","https://openalex.org/W1554190247","https://openalex.org/W1561983441","https://openalex.org/W1970867218","https://openalex.org/W2003967425","https://openalex.org/W2012140923","https://openalex.org/W2050807355","https://openalex.org/W2053934633","https://openalex.org/W2054298352","https://openalex.org/W2054897983","https://openalex.org/W2058307359","https://openalex.org/W2069620139","https://openalex.org/W2086089672","https://openalex.org/W2136495567","https://openalex.org/W2141245797","https://openalex.org/W2143403916","https://openalex.org/W2156844326","https://openalex.org/W2235043326","https://openalex.org/W2237951646","https://openalex.org/W2243743487","https://openalex.org/W4255516818","https://openalex.org/W6607659811","https://openalex.org/W6633578641","https://openalex.org/W6663938914","https://openalex.org/W6689880219"],"related_works":["https://openalex.org/W2183899684","https://openalex.org/W386065407","https://openalex.org/W2390563968","https://openalex.org/W1569990158","https://openalex.org/W1598490273","https://openalex.org/W2344010401","https://openalex.org/W2073523380","https://openalex.org/W3004039032","https://openalex.org/W4378190626","https://openalex.org/W2356779745"],"abstract_inverted_index":{"The":[0,110],"Domain":[1],"Name":[2],"System":[3],"(DNS)":[4],"is":[5,47],"one":[6],"of":[7,11,34,42,58,69,79,107,119],"the":[8,32,38,56,120],"critical":[9],"components":[10],"modern":[12],"Internet":[13,16,59,100],"networking.":[14],"Proper":[15],"functions":[17],"(such":[18],"as":[19],"mail":[20],"delivery,":[21],"web":[22],"browsing":[23],"and":[24,40,94,125],"so":[25],"on)":[26],"are":[27,141],"typically":[28],"not":[29],"possible":[30],"without":[31],"use":[33],"DNS.":[35],"However":[36],"with":[37],"growth":[39],"commercialization":[41],"global":[43],"networking,":[44],"this":[45,62,114],"protocol":[46,121],"often":[48],"abused":[49],"for":[50,75,104,129],"malicious":[51,136],"purposes":[52],"which":[53],"negatively":[54],"impacts":[55],"security":[57,66],"users.":[60],"In":[61,81],"paper":[63,115],"we":[64,86],"perform":[65],"data":[67],"analysis":[68,92],"DNS":[70,90,139],"traffic":[71,91,140],"at":[72,97],"large":[73],"scale":[74],"a":[76,89,98,105],"prolonged":[77],"period":[78,106],"time.":[80],"order":[82],"to":[83],"do":[84],"this,":[85],"developed":[87],"DNSPacketlizer,":[88],"tool":[93],"deployed":[95],"it":[96],"mid-scale":[99],"Service":[101],"Provider":[102],"(ISP)":[103],"six":[108],"months.":[109],"findings":[111],"presented":[112],"in":[113,138],"demonstrate":[116],"persistent":[117],"abuse":[118],"by":[122],"Botnet":[123],"herders":[124],"antivirus":[126],"software":[127],"vendors":[128],"covert":[130],"communication.":[131],"Other":[132],"suspicious":[133],"or":[134],"potentially":[135],"activities":[137],"also":[142],"discussed.":[143]},"counts_by_year":[{"year":2019,"cited_by_count":2},{"year":2014,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}