Name System Research Articles

Securing DNS over HTTPS traffic: a real-time analysis tool

DNS over HTTPS (DoH) is a developing protocol that uses encryption to secure domain name system (DNS) queries within hypertext transfer protocol secure (HTTPS) connections, thereby improving privacy and security while browsing the web. This study involved the development of a live tool that captures and analyzes DoH traffic in order to classify it as either benign or malicious. We employed machine learning (ML) algorithms such as K-Nearest Neighbors (K-NN), random forest (RF), decision tree (DT), deep neural network (DNN), and support vector machine (SVM) to categorize the data. All of the algorithms, namely KNN, RF, and DT, achieved exceptional performance, with F1 scores of 1.0 or above for both precision and recall. The SVM and DNN both achieved exceptionally high scores, with only slight differences in accuracy. This tool employs a voting mechanism to arrive at a definitive classification decision. By integrating with the Mallory tool, it becomes possible to locally resolve DNS, which in turn allows for more accurate simulation of DoH queries. The evaluation results clearly indicate outstanding performance, confirming the tool's effectiveness in analyzing DoH traffic for network security and threat detection purposes.

Construction and Application of Place Name and Address Management System Based on Elasticsearch

Abstract. Place names and addresses serve as essential references for locating information about people's living, production, and various activity sites. They are a crucial component of public geographic framework data and act as tools and bridges for social communication in daily production and life. This paper presents a comprehensive system for managing place names and addresses by integrating a multi-level address model, data synchronization between PostgreSQL and Elasticsearch, and advanced query capabilities to ensure efficient and accurate data management. The system implements full lifecycle management of place names and addresses, fully leveraging the advantages of relational databases and distributed search engines. It provides essential functions such as address standardization, real-time updates, maintenance management, conditional queries, and statistical analysis. It has been successfully implemented in the National platform for common geospatial information service, laying the foundation for the next steps in refining social governance based on place names and addresses, and further advancing the digital transformation of government operations.

An Open-Source Implementation of the Scaffold Identification and Naming System (SCINS) and Example Applications.

Organizing and partitioning sets of chemical structures is of considerable practical significance, e.g., in compound library analysis and the postprocessing of screening hit lists. Approaches such as unsupervised clustering are computationally demanding and dataset-dependent; on the other hand, rule-based methods, such as those based on Murcko scaffolds, have linear time complexity but are often too fine-grained, leading to a large number of singletons or sparsely populated classes. An alternative rule-based method that seeks to achieve an optimal balance when grouping compounds into sets is the 'Scaffold Identification and Naming System' (SCINS). To facilitate public use of this previously published method, here, we provide an open-source Python implementation of SCINS, dependent only on RDKit. We show that SCINS can be useful in identifying sparsely and densely populated regions in chemical space in large databases, here exemplified with Enamine REAL Diverse and ChEMBL. We find that Enamine REAL Diverse covers a much smaller SCINS space relative to ChEMBL, whereas the opposite is true when Murcko and generic Murcko scaffolds are considered. Additionally, we show that SCINS can result in chemically intuitive grouping of medium-sized sets of bioactive compounds, which can be useful in compound selection from virtual screening campaigns as well as postprocessing of experimental hit lists. Hence, in this work, we provide both an open-source implementation of SCINS and its characterization with relevant use cases.

ONOMASTIC SPACE OF KAZAKH AND BASHKIR LANGUAGES

This article discusses the theory naming system of the Kazakh and Bashkir languages. The main sections of Kazakh and Bashkir onomastics are described, the degree of study of its individual sections is analyzed, according to which the course of development of Kazakh and Bashkir onomastics is determined. Although the main sections of onomastics are currently studied in detail, its individual areas still require study and systematization. In this regard, the historical materials that were guided in the study of onomastic space make it possible to identify the linguistic connection of onomastic units, show their connection with the history and culture of the people, as well as to cite the continuity of some phenomena in the formation of historical Kazakh and Bashkir names with a certain period of public life. As a result, it is established that in the basic vocabulary of Kazakh and Bashkir names, along with common Turkic words, other elements are used, and the lack of consistency in modern Kazakh surname writing, and in modern Bashkir, models of writing a person's last name (patronymic) are formed in accordance with the word-forming patterns of the Russian language, are shown on the basis of specific language data.

HYDROGRAPHIC NAMES AND TERMS OF SARYARKA

The purpose of the article is to consider in detail the system of hydronyms found in Saryarka. The article describes in detail the meaning of hydronyms, which provide rich information about natural conditions and landscape features. Research materials and methods of hydronymic names were considered. The scientists who studied the system of hydronyms of Saryarka and their respective contributions to the field were duly acknowledged. The study of the names of water bodies of Saryarka is an urgent task that requires in-depth study. It is possible to obtain a variety of geographical data regarding the formation of hydronyms, including their location and nomination. In this article, we determined the origin of toponymic names, which received the hydronymic name Saryarka, and divided them into groups. The classification of the system of potamonyms describing natural conditions and landscape features was presented in the form of a table. In the course of the study of this work, the physical and geographical features of water bodies were identified: properties, quality, color, flow, location, channel, origin, Coast, shape, depth, as well as their role in economic management (anthropogenic activity). In Saryarka, hydronyms formed on the basis of the names of plants and animals, the names of man, tribes and descendants are widespread. In the course of the study, a system of hydronymic names and terms was grouped, and a map of Saryarka microhydronyms was compiled based on specific data. About 3,000 names of Saryarka water bodies were grouped (based on a top map on a scale of 1: 500,000), and their etymology was determined.

The diversity and taxonomy of Tomentella (Thelephoraceae, Thelephorales) with descriptions of four new species from Southwestern China.

Taxonomy plays a central role in understanding the diversity of life, translating the products of biological exploration and discovery specimens and observations into systems of names that settle a "classification home" to taxa. Up to this point, studies on the taxonomy and phylogeny of the basidiomycetous genus Tomentella stemmed mainly from the temperate to boreal zones of the North Hemisphere, but were scarce in tropical Asia. In this study, four new species, viz. Tomentellaolivaceobasidiosa, T.velutina, T.wumenshanensis and T.yunnanensis from China, are described and illustrated based on the morphological characteristics and molecular phylogenetic analyses, in which the sequences of ITS+nLSU+mtSSU+RPB2 genes were used for the phylogenetic analyses using Maximum Likelihood, Maximum Parsimony and Bayesian Inference methods. All the new species can be well recognised by their macroscopical and anatomical characteristics. The four new species, closely related taxa in the phylogenetic tree and morphologically similar species are discussed.

Securing the internet’s backbone: A blockchain-based and incentive-driven architecture for DNS cache poisoning defense

Domain Name System (DNS) is the backbone of the Internet infrastructure, converting human-friendly domain names into machine-processable IP addresses. However, DNS remains vulnerable to various security threats, such as cache poisoning attacks, where malicious attackers inject false information into DNS resolvers’ caches. Although efforts have been made to enhance DNS against such vulnerabilities, existing countermeasures often fall short in one or more areas: they may offer limited resistance to the collusion attack, introduce significant overhead, or require complex implementation that hinders widespread adoption. To address these challenges, this paper introduces TI-DNS+, a trusted and incentivized blockchain-based DNS resolution architecture for cache poisoning defense. TI-DNS+ introduces a Verification Cache exploiting blockchain ledger’s immutable nature to detect and correct forged DNS responses. The architecture also incorporates a multi-resolver Query Vote mechanism, enhancing the ledger’s credibility by validating each record modification through a stake-weighted algorithm. This algorithm selects resolvers as validators based on their stake proportion. To promote well-behaved participation, TI-DNS+ also implements a novel stake-based incentive mechanism that optimizes the generation and distribution of stake rewards. This ensures that incentives align with participants’ contributions, achieving incentive compatibility, fairness, and efficiency. Moreover, TI-DNS+ possesses high practicability as it requires only resolver-side modifications to current DNS. Finally, through comprehensive prototyping and experimental evaluations, the results demonstrate that our solution effectively mitigates DNS cache poisoning. Compared to competitors, our solution improves attack resistance by 1-3 orders of magnitude, while also reducing resolution latency by 5% to 68%.

MDD-FedGNN: A vertical federated graph learning framework for malicious domain detection

The domain name system (DNS) serves as a fundamental component of the Internet infrastructure, but it is also exploited by attackers in various cyber-crimes, underscoring the significance of malicious domain detection (MDD). Recent advances show that graph-based models exhibit potential for inferring malicious domains and demonstrate superior performance. However, acquiring large-scale and high-quality graph datasets for MDD proves challenging for individual security institutes. Hence, a promising research direction involves employing vertical federated graph learning scheme to unite diverse security institutes and enhance local datasets resulting in more robust and powerful detection models. Nonetheless, directly applying vertical federated graph neural networks for MDD confronts challenges posed by noisy labels and noisy edges among security institutes, which ultimately diminish detection performance. This paper introduces a novel vertical federated learning framework, called MDD-FedGNN, that applies contrastive learning with two different encoders to deal with noisy labels and employs a new loss function based on the information bottleneck theory to handle noisy edges. Comparative experiments are conducted on a publicly available DNS dataset to evaluate the effectiveness of MDD-FedGNN in addressing the challenges of noisy labels and edges in vertical federated graph learning. The results demonstrate that MDD-FedGNN outperforms baseline methods, confirming the feasibility of training more powerful malicious domain detection models through data sharing and vertical federated learning among different security agencies.

Software defined networking based network traffic classification using machine learning techniques

The classification of network traffic has become increasingly crucial due to the rapid growth in the number of internet users. Conventional approaches, such as identifying traffic based on port numbers and payload inspection are becoming ineffective due to the dynamic and encrypted nature of modern network traffic. A number of researchers have implemented Software Defined Networking (SDN) based traffic classification using Machine Learning (ML) and Deep Learning (DL) models. However, the studies had various limitations such as encrypted traffic detection, payload inspection, poor detection accuracy, and challenges with testing models both in offline and real-time traffic modes. ML models together with SDN are adopted nowadays to enhance classification performance. In this paper, both supervised (Logistic Regression, Decision Tree, Random Forest, AdaBoost, and Support Vector Machine) and unsupervised (K-means clustering) ML models were used to classify Domain Name System (DNS), Telnet, Ping, and Voice traffic flows simulated using the Distributed Internet Traffic Generator (D-ITG) tool. The use of this tool effectively manages and classifies traffic types based on their application. The study discussed the dataset used, model selection, implementation of the model, and implementation techniques (such as pre-processing, feature extraction, ML algorithm, and model evaluation metrics). The proposed model in SDN was implemented in Mininet for designing the network architecture and generating network traffic. Anaconda Python environment was utilized for traffic classification using various ML techniques. Among the models tested, the Decision Tree supervised learning achieved the highest accuracy of 99.81%, outperforming other supervised and unsupervised learning algorithms. These results indicate that the integration of ML with SDN provides an efficient classification method for identifying and accurately classifying both offline and real-time network traffic, enhanced quality of service (QoS), detection of encrypted packets, deep packet inspection and management.

An end-to-end framework for private DGA detection as a service.

Domain Generation Algorithms (DGAs) are used by malware to generate pseudorandom domain names to establish communication between infected bots and command and control servers. While DGAs can be detected by machine learning (ML) models with great accuracy, offering DGA detection as a service raises privacy concerns when requiring network administrators to disclose their DNS traffic to the service provider. The main scientific contribution of this paper is to propose the first end-to-end framework for privacy-preserving classification as a service of domain names into DGA (malicious) or non-DGA (benign) domains. Our framework achieves these goals by carefully designed protocols that combine two privacy-enhancing technologies (PETs), namely secure multi-party computation (MPC) and differential privacy (DP). Through MPC, our framework enables an enterprise network administrator to outsource the problem of classifying a DNS (Domain Name System) domain as DGA or non-DGA to an external organization without revealing any information about the domain name. Moreover, the service provider's ML model used for DGA detection is never revealed to the network administrator. Furthermore, by using DP, we also ensure that the classification result cannot be used to learn information about individual entries of the training data. Finally, we leverage post-training float16 quantization of deep learning models in MPC to achieve efficient, secure DGA detection. We demonstrate that by using quantization achieves a significant speed-up, resulting in a 23% to 42% reduction in inference runtime without reducing accuracy using a three party secure computation protocol tolerating one corruption. Previous solutions are not end-to-end private, do not provide differential privacy guarantees for the model's outputs, and assume that model embeddings are publicly known. Our best protocol in terms of accuracy runs in about 0.22s.

PlantCircRNA: a comprehensive database for plant circular RNAs.

Circular RNAs (circRNAs) represent recently discovered novel regulatory non-coding RNAs. While they are present in many eukaryotes, there has been limited research on plant circRNAs. We developed PlantCircRNA (https://plant.deepbiology.cn/PlantCircRNA/) to fill this gap. The two most important features of PlantCircRNA are (i) it incorporates circRNAs from 94 plant species based on 39 245 RNA-sequencing samples and (ii) it imports the original AtCircDB and CropCircDB databases. We manually curated all circRNAs from published articles, and imported them into the database. Furthermore, we added detailed information of tissue as well as abiotic stresses to the database. To help users understand these circRNAs, the database includes a detection score to measure their consistency and a naming system following the guidelines recently proposed for eukaryotes. Finally, we developed a comprehensive platform for users to visualize, analyze, and download data regarding specific circRNAs. This resource will serve as a home for plant circRNAs and provide the community with unprecedented insights into these mysterious molecule.

Toponymy of The Names of Neighborhoods in Teluk Segara District, Bengkulu City, Bengkulu Province

The aim of this research is to discuss the lexical and cultural meaning of naming villages in Teluk Segara District, Bengkulu City, Bengkulu Province, which includes 5 of the 13 existing Villages. This research categorizes them based on naming system aspects, (1) embodiment aspects, (2) social aspects, (3) cultural aspects. This research uses descriptive qualitative research. The data source was obtained from the Traditional Chair of Pondok Besi Subdistrict and the Traditional Chair of Berkas Subdistrict. The data obtained was in the form of interview data in Teluk Segara District. The results of this research reveal that the toponymy of the names of sub-districts in Teluk Segara District, Bengkulu City consists of various categories, including water elements, community social interactions, flora, tangible elements, folklore, nature, settlement patterns, activities, landforms, and building.

Representation and Analysis of Kinship, Based on the Naming Pattern

In this study, we develop a graph-theoretic network model for genealogical data. It is based on the naming system used by the Galo tribe in the Indian state of Arunachal Pradesh. P-graphs are used to visually represent the genealogy. According to the analysis of the network on social network metrics, the genealogical network is a sparsely connected, scale-free network with an average path length of 11.615 and a graph density of 0.002. Only a small portion of its nodes have high centrality values. The network has three communities, twenty authority nodes, two hub nodes, and observed no relinking marriages.

Tracing Roots and Linkages: Harnessing Graph Theory and Social Network Analysis in Genealogical Research, Based on the Kin Naming System

Tracing Roots and Linkages: Harnessing Graph Theory and Social Network Analysis in Genealogical Research, Based on the Kin Naming System

LINGUOCULTURAL PECULIARITIES OF THE ENGLISH PROVERBS WITH PROPER NAMES

This article explores the manifestation of the anthroponymic code of culture in proverbs. The anthroponymic code, a subset of linguocultural codes, encompasses the system of proper names within a culture and reflects its historical, social, and cultural dimensions. Each ethnic group, over different historical periods, develops a unique register of personal names and an anthroponymic model that varies between folk and canonical names.

Transfer learning with ResNet50 for malicious domains classification using image visualization

The Internet has become a vital part of our daily lives, serving as a hub for global connectivity and a facilitator for seamless communication and information exchange. However, the rise of malicious domains presents a serious challenge, undermining the reliability of the Internet and posing risks to user safety. These malicious activities exploit the Domain Name System (DNS) to deceive users, leading to harmful activities such as spreading drive-by-download malware, operating botnets, creating phishing sites, and sending spam. In response to this growing threat, the application of Machine Learning (ML) techniques has proven to be highly effective. These methods excel in quickly and accurately detecting, classifying, and analyzing such threats. This paper explores the latest developments in using transfer learning for the classification of malicious domains, with a focus on image visualization as a key methodological approach. Our proposed solution has achieved a remarkable testing accuracy rate of 98.67%, demonstrating its effectiveness in detecting and classifying malicious domains.

Bird names as critical communication infrastructure in the contexts of history, language, and culture

Standardized taxonomies and lists of birds were created to improve communication. They are linguistic infrastructure―biodiversity indices and dictionaries―that have been painstakingly built and maintained and that have enhanced regional and global participation in the study and enjoyment of birds. Inclusion of people has been a core objective in creating and maintaining these standardized lists, and dissatisfaction and desires to overwrite objectionable names have been associated with them for nearly two centuries. Suggestions that bird names should be changed are continuous. Today, these suggestions include the view that some bird names must be changed to make them more accurate, inoffensive, and culturally appropriate to further increase diversity and inclusion among ornithologists and bird watchers. The latter, meritorious goal has been largely successful thus far despite many ongoing objections. Historic examples indicate that large-scale name changes, however, are not needed to accomplish major societal goals of inclusion. Some barriers to inclusion likely remain, and some changes are likely needed for English names. Often overlooked or underappreciated in name change discussions are that: 1) standardized names lists have had numerically staggering success in fostering inclusion of diverse participants globally; 2) stability is vital in such systems, and destabilization has exclusionary effects; 3) dissatisfaction with such lists and the names they include has been ongoing since these naming systems began; 4) important flexibilities exist in conjunction with these communication systems that enhance local and regional communication (e.g., alternative names in English and other languages); and 5) cultural values, important as they are, are neither universally shared nor constant, and thus risk bringing divisiveness and instability when used as a central reason for change. Consideration of standardized lists of bird names as communication systems in the fuller context of history, language, and culture will improve our management of these systems and their continued utility in fostering inclusion. With standardized, stable naming systems acting as a skeleton, proactively building outwards, both within and among languages and cultures, offers a positive and productive way to increase inclusion and to improve cultural and biodiversity conservation.

SeqCode: A Nomenclatural Code for Prokaryotes.

SeqCode is a nomenclatural code for naming prokaryotes based on genetic information. With the majority of prokaryotes being inaccessible as pure cultures, they are not eligible for naming under the International Code of Nomenclature of Prokaryotes. To address this challenge, a new concept that is SeqCode, which assign names to prokaryotes on the basis of genome sequence, has been announced in 2022. The valid publication of names for prokaryotes based on isolated genome, metagenome-assembled genomes, or single-amplified genome sequences. It operates through a registration portal, SeqCode Registry, where metadata is linked to names and nomenclatural types. This code provides a framework for reproducible nomenclature for all prokaryotes, either culturable or not and facilitates communication across all microbiological disciplines. Additionally, the SeqCode includes provisions for updating and revising names as new data becomes available. By providing a standardized system for naming and classifying these microorganisms based on their genetic information, the SeqCode will facilitate the discovery, understanding and comparison of these microorganisms, helping us to understand their role in the environment and how they contribute to the functioning of the Earth.

On DGA Detection and Classification Using P4 Programmable Switches

Domain Generation Algorithms (DGAs) are highly effective strategies employed by malware to establish connections with Command and Control (C2) servers. Mitigating DGAs in high-speed networks can be challenging, as it often requires resource-intensive tasks such as extracting high-dimensional features from domain names or collecting extensive network heuristics. In this paper, we propose an innovative framework leveraging the flexibility, per-packet granularity, and Terabits per second (Tbps) processing capabilities of P4 programmable data plane switches for the rapid and accurate detection and classification of DGA families. Specifically, we use P4 switches to extract a combination of unique network heuristics and domain name features through shallow and Deep Packet Inspection (DPI) with minimal impact on throughput. We employ a two-fold approach, comprising a line-rate compact Machine Learning (ML) classifier in the data plane for DGA detection and a more comprehensive classifier in the control plane for DGA detection and classification. To validate our approach, we collected malware samples totaling hundreds of Gigabytes (GBs), representing over 50 DGA families, and utilized campus traffic from normal benign users. Our results demonstrate that our proposed approach can swiftly and accurately detect DGAs with an accuracy of 97% and 99% in the data plane and the control plane, respectively. Furthermore, we present promising findings and preliminary results for detecting DGAs in encrypted Domain Name System (DNS) traffic. Our framework enables the immediate halting of malicious communications, empowering network operators to implement effective mitigation, incident management, and provisioning strategies.

Ensuring information security and stability: The application of blockchain in naming system

In recent years, network information security and stability problems have emerged one after another, and people's personal privacy and property security are being threatened. A large part of these problems are caused by two major characteristics of traditional DNSinsecurity and instability. Therefore, this article aims to explore a new internet naming system the Blockchain Naming Systemto address the current issues of internet information security and stabilityespecially the problems caused by the traditional DNS system. This article adopts scientific research methods such as literature survey, comparative research, experimental exploration, analogy research, and model building. By analyzing the current situation, studying the feasibility of the blockchain naming system, and comparing its advantages and disadvantages with the traditional DNS system, it is not difficult to conclude that this new blockchain naming system has huge potential. It can not only ensure stability and security but also contribute to other fields.