[dns-operations] [Off-topic] DNS dataset for academic research

Kaio Rafael kaiorafael at dcc.ufam.edu.br
Thu Apr 18 15:53:35 UTC 2013


2013/4/18 Joe Abley <jabley at hopcount.ca>:
> On 2013-04-18, at 11:24, Kaio Rafael <kaiorafael at dcc.ufam.edu.br> wrote:
>> I am looking for a DNS dataset for academic research. I have been
>> studying .BR DNS dataset (DITL 2008 on DNS-OARC servers), however, I
>> would like to investigate more recent traffic.
> What are you looking for?

I am looking for Botnet (spamming, PTR scan, etc..)  characteristics
and patterns.

> Data from authority-only servers (which ones?), recursive servers,
> something else?

Recursive and TLD are enough. But if I have .BR I could compare with
old results, however, I sent a e-mail to Registro.BR and they answered
that they do not have any kind of dataset available.

> Packet captures, something else?

Just packet capture for passive analysis.

> What sample period do you need? Do you need a continuous/complete set
> of data within that window, or samples?

Generally, DITL datasets are three-day based on 24hours trace. If you
have anything such that, one/two weeks.

> How recent?

>From 2010 and forth

> Joe

Kaio Rafael,

More information about the dns-operations mailing list