DNS key technologies based on machine learning and network data mining

Domain Name Systems (DNS) provide critical performance in directing Internet traffic. It is a significant duty of DNS service providers to protect DNS servers from bandwidth attacks. Data mining techniques may identify different trends in detecting anomalies, but these approaches are insufficient to provide adequate methods for querying traffic data in significant network environments. The patterns can enable the providers of DNS services to find anomalies. Accordingly, this research has used a new approach to find the anomalies using the Neural Network (NN) because intrusion detection techniques or conventional rule-based anomaly are insufficient to detect general DNS anomalies using multi-enterprise network traffic data obtained from network traffic data (from different organizations). NN was developed, and its results were measured to determine the best performance in anomaly detection using DNS query data. Going through the R² results, it was found that NN could satisfactorily perform the DNS anomaly detection process. Based on the results, the security weaknesses and problems related to unpredictable matters could be practically distinguished, and many could be avoided in advance. Based on the R² results, the NN could perform remarkably well in general DNS anomaly detection processing in this study.