Explore techniques for detecting DNS anomalies using statistical analysis in this 47-minute conference talk. Learn about DNS record types, letter analysis, and methods for identifying unusual patterns. Discover tools and examples for data visualization, including gplot bar graphs, unique query analysis, and box plots. Examine approaches to analyzing DES records, SOA records, and Time to Live values. Gain insights into initial data collection processes and report generation for effective DNS anomaly detection.
Overview
Syllabus
Introduction
Jamies Background
Objectives
What is DNS
Record Types
Letter Analysis
Identifying Anomalies
Tools
Examples
Exploring
Output
Gplot
Bar Graph
Unique Queries
Bar Graphs
Absolute Count
Outliers
Box Plot
Key 5sk
Individual Plots
DES Records
SOA Records
Time to Live
Questions
Initial Data Collection
Report Generation