Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Information Security
Dial "N" For Nxdomain: The Scale, Origin, And Security Implications Of Dns Queries To Non-Existent Domains, Gunnan Liu, Lin Jin, Shuai Hao, Yubao Zhang, Daiping Liu, Angelos Stavrou, Haining Wang
Dial "N" For Nxdomain: The Scale, Origin, And Security Implications Of Dns Queries To Non-Existent Domains, Gunnan Liu, Lin Jin, Shuai Hao, Yubao Zhang, Daiping Liu, Angelos Stavrou, Haining Wang
Computer Science Faculty Publications
Non-Existent Domain (NXDomain) is one type of the Domain Name System (DNS) error responses, indicating that the queried domain name does not exist and cannot be resolved. Unfortunately, little research has focused on understanding why and how NXDomain responses are generated, utilized, and exploited. In this paper, we conduct the first comprehensive and systematic study on NXDomain by investigating its scale, origin, and security implications. Utilizing a large-scale passive DNS database, we identify 146,363,745,785 NXDomains queried by DNS users between 2014 and 2022. Within these 146 billion NXDomains, 91 million of them hold historic WHOIS records, of which 5.3 million …
Attacker Capability Based Dynamic Deception Model For Large-Scale Networks, Md Ali Reza Al Amin, Sachhin Shetty, Laurent Njilla, Deepak K. Tosh, Charles Kamhoua
Attacker Capability Based Dynamic Deception Model For Large-Scale Networks, Md Ali Reza Al Amin, Sachhin Shetty, Laurent Njilla, Deepak K. Tosh, Charles Kamhoua
Computational Modeling & Simulation Engineering Faculty Publications
In modern days, cyber networks need continuous monitoring to keep the network secure and available to legitimate users. Cyber attackers use reconnaissance mission to collect critical network information and using that information, they make an advanced level cyber-attack plan. To thwart the reconnaissance mission and counterattack plan, the cyber defender needs to come up with a state-of-the-art cyber defense strategy. In this paper, we model a dynamic deception system (DDS) which will not only thwart reconnaissance mission but also steer the attacker towards fake network to achieve a fake goal state. In our model, we also capture the attacker’s capability …