Abstract

Effective network management requires awareness of the activities taking place on computer networks. Network managers should always be alert to what is happening now, what might happen, and what will happen in the future, for the sake of the network. To gather information about a computer system or a network, attackers mostly exploit networking tools to gain some privileges and log in to systems. Penetration testers also use these tools to gather information about systems, but their main concern is to discover the system's vulnerabilities and to find out what kinds of measures could make the system more resistant to them. In this study, we propose an abnormal DNS traffic identification method based on Hurst parameter estimation. To do so, we employ the DNS information gathering tools in Kali Linux to generate abnormal DNS flows. We then estimate their degree of self-similarity to compare normal DNS traffic flows with abnormal ones. The results show that abnormal DNS traffic exhibits a higher degree of self-similarity. Another interesting finding is that abnormal DNS traffic shows different distribution characteristics.
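An added example, not code from the paper: the aggregated-variance method, one common Hurst estimator, applied to per-second DNS query counts. The abstract does not name its estimator, so the estimator choice, the function names and both constructed sample series are assumptions.

```python
import math
import random
import statistics

def hurst_aggregated_variance(series, min_blocks=32):
    """Estimate H from the decay of block-mean variance: Var(X^(m)) ~ m^(2H-2)."""
    n = len(series)
    log_m, log_var = [], []
    m = 1
    while n // m >= min_blocks:
        blocks = n // m
        means = [sum(series[i * m:(i + 1) * m]) / m for i in range(blocks)]
        var = statistics.pvariance(means)
        if var > 0:
            log_m.append(math.log(m))
            log_var.append(math.log(var))
        m *= 2  # dyadic block sizes: 1, 2, 4, ...
    if len(log_m) < 3:
        raise ValueError("series too short or too flat to fit a slope")
    # Least-squares slope of log(variance) against log(block size).
    mx, my = statistics.fmean(log_m), statistics.fmean(log_var)
    slope = (sum((x - mx) * (y - my) for x, y in zip(log_m, log_var))
             / sum((x - mx) ** 2 for x in log_m))
    return 1 + slope / 2  # slope = 2H - 2

def baseline_counts(n, rng):
    """Constructed sample: independent per-second DNS query counts."""
    return [rng.randint(8, 12) for _ in range(n)]

def bursty_counts(n, rng, alpha=1.2, cap=512):
    """Constructed sample: baseline plus on/off query bursts whose
    durations are heavy-tailed (truncated Pareto), a classic source
    of self-similar traffic."""
    out, on = [], False
    while len(out) < n:
        dur = min(cap, int(rng.paretovariate(alpha)) + 1)
        out.extend(rng.randint(8, 12) + (40 if on else 0) for _ in range(dur))
        on = not on
    return out[:n]

rng = random.Random(2024)  # fixed seed so the run is repeatable
H_BASELINE = hurst_aggregated_variance(baseline_counts(4096, rng))
H_BURSTY = hurst_aggregated_variance(bursty_counts(4096, rng))

if __name__ == "__main__":
    print(f"baseline H ~ {H_BASELINE:.2f}, bursty H ~ {H_BURSTY:.2f}")
```

An estimate near 0.5 indicates uncorrelated counts, while values approaching 1 indicate strong long-range dependence; in practice the estimate would be computed over a sliding window of captured DNS counts and compared against the network's own baseline.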

Highlights

  • Nowadays, we need computer network systems more than ever to fulfill our daily routines

  • We focus on identifying abnormal domain name system (DNS) traffic flows, as an intrusion detection system, since such flows might be an early indicator of an upcoming cyber-attack

  • We demonstrate that Hurst parameter estimation might serve as an indicator for identifying abnormal DNS traffic


Summary

Introduction

Nowadays, we need computer network systems more than ever to fulfill our daily routines. Kali Linux is a Debian-based Linux distribution that is popular for penetration testing. It was developed and is maintained by Offensive Security [11]. It includes more than 600 tools for penetration testing, covering information gathering, vulnerability identification, sniffing and spoofing, attacking, exploitation, forensic investigation, etc. It is an open source distribution, which means anyone can modify and enhance it by accessing its source code. Kali Linux can run on many different platforms, even on resource-constrained devices such as a Raspberry Pi. It adheres to the Filesystem Hierarchy Standard, which allows users to locate supported files, libraries, and binaries [9].
