Shinichiro Kubota

Learn More
We carried out an entropy study on the DNS query traffic from the Internet to the top domain DNS server in a university campus network through January 1st to March 31st, 2009. The obtained results are: (1) We observed a difference for the entropy changes among the total-, the A-, and the PTR resource records (RRs) based DNS query traffic from the Internet(More)
We statistically investigated the total inbound standard DNS resolution traffic from the Internet to the top domain DNS server in a university campus network through January 1st to December 31st, 2010. The following results are obtained: (1) We found five Kaminsky DNS Cache Poisoning (Kaminsky) attacks in observation of rapid decrease in the unique source(More)
We performed statistical analysis on the total PTR resource record (RR) based DNS query packet traffic from a university campus network to the top domain DNS server through March 14th, 2009, when the network servers in the campus network were under inbound SSH dictionary attack. The interesting results are obtained, as follows: (1) the network servers,(More)
Monitoring network security of a university is one of the most important jobs for the network managers. Without the monitoring, it is hard to keep the network safe. It is common that the security policy of a university has the term which states that monitoring network security is a mandate. However it is very hard to monitor every part of a university's(More)
We developed and evaluated Euclidian distance based detection method for SSH dictionary attacks in the total PTR resource record (RR) based DNS query request packet traffic from the campus network to the DNS cache server in a university through January 1st to December 31st, 2009. The obtained results are: (1) The network servers, especially, they have a(More)
We statistically investigated the total PTR resource record (RR) based DNS query request packet traffic from the Internet to the top domain DNS server in a university campus network through January 1st to December 31st, 2009. The obtained results are: (1) We observed fourteen host search (HS) activities in which we can observe rapid decreases in the unique(More)
Currently, the network security appliance is one of the most important research topics in IT security. The use of log files for further security analysis was proven their importance in the development of a three DNS query traffic based detection model system for a proactive detection of security threat in the university campus network. In the current(More)
We carried out an entropy study on the DNS query traffic from the Internet to the top domain DNS server in a university campus network through January 1st to March 31st, 2009. The obtained results are: (1) We observed a difference for the entropy changes among the total-, the A-, and the PTR resource records (RRs) based DNS query traffic from the Internet(More)
  • 1