@inproceedings{29fac9a7c2164ea78e64be8f6da345d1,
title = "Approximate String Matching for DNS Anomaly Detection",
abstract = "In this paper we propose a novel approach to identify anomalies in DNS traffic. The traffic time-points data is transformed to a string, which is used by new fast approximate string matching algorithm to detect anomalies. Our approach is generic in its nature and allows fast adaptation to different types of traffic. We evaluate the approach on a large public dataset of DNS traffic based on 10 days, discovering more than order of magnitude DNS attacks in comparison to auto-regression as a baseline. Moreover, the additional comparison has been made including other common regressors such as Linear Regression, Lasso, Random Forest and KNN, all of them showing the superiority of our approach.",
keywords = "Anomaly detection, Approximate string matching, Similarity measures",
author = "Roni Mateless and Michael Segal",
note = "Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2019.; 12th International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage, SpaCCS 2019 ; Conference date: 14-07-2019 Through 17-07-2019",
year = "2019",
month = jan,
day = "1",
doi = "https://doi.org/10.1007/978-3-030-24907-6_37",
language = "American English",
isbn = "9783030249069",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "490--504",
editor = "Guojun Wang and Jun Feng and Bhuiyan, {Md Zakirul Alam} and Rongxing Lu",
booktitle = "Security, Privacy, and Anonymity in Computation, Communication, and Storage - 12th International Conference, SpaCCS 2019, Proceedings",
address = "Germany",
}