[dns-operations] [Off-topic] DNS dataset for academic research
Kaio Rafael
kaiorafael at dcc.ufam.edu.br
Thu Apr 18 15:53:35 UTC 2013
Joe,
2013/4/18 Joe Abley <jabley at hopcount.ca>:
> On 2013-04-18, at 11:24, Kaio Rafael <kaiorafael at dcc.ufam.edu.br> wrote:
>
>> I am looking for a DNS dataset for academic research. I have been
>> studying .BR DNS dataset (DITL 2008 on DNS-OARC servers), however, I
>> would like to investigate more recent traffic.
>
> What are you looking for?
I am looking for Botnet (spamming, PTR scan, etc..) characteristics
and patterns.
>
> Data from authority-only servers (which ones?), recursive servers,
> something else?
Recursive and TLD are enough. But if I have .BR I could compare with
old results, however, I sent a e-mail to Registro.BR and they answered
that they do not have any kind of dataset available.
>
> Packet captures, something else?
Just packet capture for passive analysis.
>
> What sample period do you need? Do you need a continuous/complete set
> of data within that window, or samples?
Generally, DITL datasets are three-day based on 24hours trace. If you
have anything such that, one/two weeks.
>
> How recent?
>From 2010 and forth
>
>
> Joe
Thanks
--
Kaio Rafael,
More information about the dns-operations
mailing list