%0 Journal Article
%T Entropy Method for DNS Abnormal Detection<br>利用熵检测DNS异常
%A 丁森林
%A 吴军
%A 毛伟
%J 计算机系统应用
%D 2010
%I 
%X This paper propose a method of detecting DNS abnormalities by calculating the entropies of the DNS query types observed in consecutive windows of fixed-size. Applied to the DNS query data targeting .CN on May 19th 2009 when there was a major DNS accident happened, this method demonstrates ability of detecting the abnormal behavior towards DNS before the event was observed and reported.
%K DNS
%K entropy
%K DNS abnormal
%K query type<br>DNS
%K 熵
%K DNS异常
%K DNS查询类型
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=D4F6864C950C88FFCE5B6C948A639E39&aid=CB2B97B0EA745ADFE202E001692836C1&yid=140ECF96957D60B2&vid=2A8D03AD8076A2E3&iid=59906B3B2830C2C5&sid=64963996248CBF47&eid=FEF02B4635FE8227&journal_id=1003-3254&journal_name=计算机系统应用&referenced_num=0&reference_num=6