Anomaly analysis on an open DNS dataset
1 School of Computing, University of Portsmouth, Portsmouth, United Kingdom
2 Zananet, Southampton, United Kingdom
3 Coventry University, Coventry, United Kingdom
- Subject Areas: Data Mining and Machine Learning, Data Science, Security and Privacy, World Wide Web and Web Science
- Keywords: Data Analysis, Cyber Security, DNS, EWMA
- Copyright: © 2018 Aziz et al.
- Licence: This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, reproduction and adaptation in any medium and for any purpose provided that it is properly attributed. For attribution, the original author(s), title, publication source (PeerJ Preprints) and either DOI or URL of the article must be cited.
- Cite this article: 2018. Anomaly analysis on an open DNS dataset. PeerJ Preprints 6:e27116v1 https://doi.org/10.7287/peerj.preprints.27116v1
Abstract
The increasing availability of open data and the demand to better understand the nature of anomalies in modern systems, and the causes underlying them, are encouraging researchers to analyse open datasets in various ways. These include both quantitative and qualitative methods. We show here how quantitative methods, such as timeline, local average and exponentially weighted moving average (EWMA) analyses, led in this work to the discovery of three anomalies in a large open DNS dataset published by the Los Alamos National Laboratory.
Author Comment
An analysis carried out as part of an MSc project investigating the various methods that can lead to the extraction of information and knowledge from open datasets.