Speaker
Mr
Francisco Cifuentes
(NIC Chile Research Labs)
Description
DNS stream analysis is an appropriate environment to work with real
time analytics due to the extremely large amount of queries that needs
to be processed per second.
There are some tools used to analyze DNS traffic, such as DSC, DSCng
or Bumblebee, but they focus in statistical analysis, mainly providing
visualization of data aggregations. We will show our system design
for a filtering and grouping tool based on the Apache Storm streaming
framework, in order to analyze a live stream of DNS packets received
by a cloud of DNS servers, and some basics results from testing our
prototype analyzing the traces recorded at DITL.
By developing this Storm based tool we also aim to help DNS Admins to
monitor some general statistics of their servers as the other tools
do, such as the historical percentages of query types, query volume or
alternative metrics like current state of load balancing between
servers.
Another goal we have is to analyze the historical data of the specific
DNS traffic to determine what is the normal behavior of the statistics
mentioned above.
Primary authors
Mr
Francisco Cifuentes
(NIC Chile Research Labs)
Dr
Javier Bustos
(NIC Labs)
