Algorithms for extraction and visualization of
metadata from Domain Name Server records -- 2010 Third International Conference on Advances in Mesh Networks
A 2-tier Data Hiding Technique Using Exploiting Modification Direction Method...IDES Editor
This paper proposes a 2-tier data hiding technique
that involves Exploiting Modification Direction (EMD) method
and Huffman Coding. Firstly, a secret message of an arbitrary
plain text is encrypted, compressed and transformed into a
stream of bits. Subsequently, the bits are converted into secret
digits by using the Huffman dictionary table. Secondly, a
cover image is segmented into groups of n pixels and each
group is embedded with one secret digit by modifying one
gray-scale value at most to hide the secret digit in (2n+1)-ary
notational system. The experimental results have shown that
both PSNR and payload of the proposed method are higher
than that of well-known methods namely, OPAP, EMD and
Opt EMD.
CUHK System for the Spoken Web Search task at Mediaeval 2012MediaEval2012
The document describes a system for spoken web search using audio queries in multiple languages. It discusses using parallel tokenizers followed by dynamic time warping detection to combine multiple resources for query matching. Unsupervised tokenizers like MFCC-GMM and phoneme recognizers are used to extract posteriorgrams from queries and test utterances. Pseudo-relevance feedback and score normalization are also used. Evaluation on the development and evaluation sets shows the best performance is achieved when combining all tokenizers, pseudo-relevance feedback, and score normalization.
Fast and Effective Worm Fingerprinting via Machine Learningbutest
1) Several machine learning algorithms were evaluated for the task of worm fingerprinting and found to outperform the state-of-the-art Polygraph method.
2) Specifically, the JRip rule learning algorithm achieved zero false positive rates, could detect worms with very few instances, and had linear training time complexity.
3) Introducing a small number of flows with purer labels was found to improve fingerprinting accuracy and reduce the minimum training time needed.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
it is used for security purpose using two level dct and wavelet packet denoising .based on digital image processing.the software based on matlab.it is used for high security purpose.
Advance Digital Video Watermarking based on DWT-PCA for Copyright protectionIJERA Editor
This document presents a digital video watermarking technique based on discrete wavelet transform (DWT) and principal component analysis (PCA). It begins with an introduction to digital watermarking and an overview of spatial and transform domain watermarking methods. The document then describes DWT and PCA in more detail. It presents a watermarking scheme that uses DWT to decompose video frames into frequency subbands, and embeds a watermark into the principal components of the low frequency subband after applying PCA. Experimental results on a test video show the watermarked frames have no visible quality differences from the original and the watermark is robust to various attacks. The technique achieves imperceptibility measured by high peak signal-to-
Dual Steganography for Hiding Video in VideoIJTET Journal
Abstract— Dual Steganography is the process of using Steganography combined with Cryptography. Steganography is the process of hiding confidential data’s in the media files such as audio, images, videos, etc. Cryptography is a branch of mathematics concerned with the study of hiding and revealing information and for proving authorship of messages. In this paper, the Dual Steganography concept has been applied to secure the original videos from unauthorized person. The process has been done by embedding the original video inside another video. Both the videos are converted into frames first. After that, the individual frames of original video are sampled with the frames of another video. After completing the sampling process, the output frames are combined to obtain the encrypted video.
A 2-tier Data Hiding Technique Using Exploiting Modification Direction Method...IDES Editor
This paper proposes a 2-tier data hiding technique
that involves Exploiting Modification Direction (EMD) method
and Huffman Coding. Firstly, a secret message of an arbitrary
plain text is encrypted, compressed and transformed into a
stream of bits. Subsequently, the bits are converted into secret
digits by using the Huffman dictionary table. Secondly, a
cover image is segmented into groups of n pixels and each
group is embedded with one secret digit by modifying one
gray-scale value at most to hide the secret digit in (2n+1)-ary
notational system. The experimental results have shown that
both PSNR and payload of the proposed method are higher
than that of well-known methods namely, OPAP, EMD and
Opt EMD.
CUHK System for the Spoken Web Search task at Mediaeval 2012MediaEval2012
The document describes a system for spoken web search using audio queries in multiple languages. It discusses using parallel tokenizers followed by dynamic time warping detection to combine multiple resources for query matching. Unsupervised tokenizers like MFCC-GMM and phoneme recognizers are used to extract posteriorgrams from queries and test utterances. Pseudo-relevance feedback and score normalization are also used. Evaluation on the development and evaluation sets shows the best performance is achieved when combining all tokenizers, pseudo-relevance feedback, and score normalization.
Fast and Effective Worm Fingerprinting via Machine Learningbutest
1) Several machine learning algorithms were evaluated for the task of worm fingerprinting and found to outperform the state-of-the-art Polygraph method.
2) Specifically, the JRip rule learning algorithm achieved zero false positive rates, could detect worms with very few instances, and had linear training time complexity.
3) Introducing a small number of flows with purer labels was found to improve fingerprinting accuracy and reduce the minimum training time needed.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
it is used for security purpose using two level dct and wavelet packet denoising .based on digital image processing.the software based on matlab.it is used for high security purpose.
Advance Digital Video Watermarking based on DWT-PCA for Copyright protectionIJERA Editor
This document presents a digital video watermarking technique based on discrete wavelet transform (DWT) and principal component analysis (PCA). It begins with an introduction to digital watermarking and an overview of spatial and transform domain watermarking methods. The document then describes DWT and PCA in more detail. It presents a watermarking scheme that uses DWT to decompose video frames into frequency subbands, and embeds a watermark into the principal components of the low frequency subband after applying PCA. Experimental results on a test video show the watermarked frames have no visible quality differences from the original and the watermark is robust to various attacks. The technique achieves imperceptibility measured by high peak signal-to-
Dual Steganography for Hiding Video in VideoIJTET Journal
Abstract— Dual Steganography is the process of using Steganography combined with Cryptography. Steganography is the process of hiding confidential data’s in the media files such as audio, images, videos, etc. Cryptography is a branch of mathematics concerned with the study of hiding and revealing information and for proving authorship of messages. In this paper, the Dual Steganography concept has been applied to secure the original videos from unauthorized person. The process has been done by embedding the original video inside another video. Both the videos are converted into frames first. After that, the individual frames of original video are sampled with the frames of another video. After completing the sampling process, the output frames are combined to obtain the encrypted video.
Multihop Routing In Camera Sensor NetworksChuka Okoye
This poster abstract summarizes an experimental study of multihop routing in camera sensor networks. The experiments tested the Collection Tree Protocol (CTP) using CITRIC camera motes and TelosB motes. The experiments varied payload size and delay between packet transmissions to evaluate data rate, reception rate, and latency over different hop counts. The results show that there is a tradeoff between reception rate and latency. Adding a delay between transmissions can improve both data rate and reception rate compared to best effort transmission. The optimal delay depends on the network density and hop count.
Contribution of Non-Scrambled Chroma Information in Privacy-Protected Face Im...Wesley De Neve
Contribution of Non-Scrambled Chroma Information in Privacy-Protected Face Images to Privacy Leakage. Presentation given at the 10th International Workshop on Digital Forensics and Watermarking (IWDW'11).
Note that a more extensive objective and subjective study of privacy protection in video surveillance systems can be found in the following book chapter:
H. Sohn, D. Lee, W. De Neve, K.N. Plataniotis, and Y.M. Ro. An objective and subjective evaluation of content-based privacy protection of face images in video surveillance systems using JPEG XR. Effective Surveillance for Homeland Security: Balancing Technology and Social Issues. CRC Press / Taylor & Francis. May 2013. pp. 111-140.
http://www.citeulike.org/user/wmdeneve/article/10831550
http://www.crcpress.com/product/isbn/9781439883242
Intrusion Detection using C4.5: Performance Enhancement by Classifier Combina...IDES Editor
Data Security has become a very critical part of any
organizational information system. Intrusion Detection
System (IDS) is used as a security measure to preserve data
integrity and system availability from various attacks. This
paper evaluates the performance of C4.5 classifier and its
combination using bagging, boosting and stacking over NSLKDD
dataset for IDS. This dataset set consists of selected
records of the complete KDD dataset.
Dynamic framed slotted aloha algorithms using fast tag estimationambitlick
This document summarizes a paper that proposes a Dynamic Framed Slotted ALOHA (DFSA) algorithm using a proposed Tag Estimation Method (TEM) to estimate the number of tags around a reader. The DFSA algorithm dynamically allocates the frame size according to the estimated number of tags. Simulation results show the DFSA algorithm has better performance and lower delay than conventional algorithms regardless of the number of tags.
This document provides an overview of steganography. It defines steganography as hiding secret messages within other harmless messages to avoid detection by unauthorized parties. Various steganographic techniques are described, including hiding messages in digital files like images, audio, text and network protocols. Detection of steganography (steganalysis) and applications like digital watermarking and tamper proofing are also discussed. The document concludes by noting the importance of steganography and expectations for further advancement in the field.
This document discusses steganography, which is the art and science of hiding messages. It involves embedding a secret message within another medium such as an image, audio, or video file. The document outlines some problems with current security systems and proposes a steganography system as a solution. It would allow users to embed and retrieve hidden messages and files. The system would use techniques like LSB steganography and encryption to hide data within image files. The document provides an overview of the proposed system's functions, development process, and some limitations of steganography.
Efficient Memory-Reference Checks for Real-time JavaAngelo Corsaro
The scoped-memory feature is central to the Real-Time Specifica- tion for Java. It allows greater control over memory management, in particular the deallocation of objects without the use of a garbage collector. To preserve the safety of storage references associated with Java since its inception, the use of scoped memory is con- strained by a set of rules in the specification. While a program’s adherence to the rules can be partially checked at compile-time, un- decidability issues imply that some—perhaps, many—checks may be required at run-time. Poor implementations of those run-time checks could adversely affect overall performance and predictabil- ity, the latter being a founding principle of the specification.
In this paper we present efficient algorithms for managing scoped memories and the checks they impose on programs. Implementa- tions and results published to date require time linear in the depth of scope nesting; our algorithms operate in constant time. We de- scribe our approach and present experiments quantifying the gains in efficiency.
This document discusses digital steganography, which is the process of hiding secret information within other non-secret files like images, text, audio, or video. It describes the history of steganography and some common techniques used, such as least significant bit modification in images and altering text features. The document also compares steganography to cryptography and digital watermarking, outlines some types and uses of steganography, and discusses steganalysis and the future of the field.
1) The document presents a new associative memory model called SOINN-AM that is designed for online incremental learning in noisy environments.
2) SOINN-AM uses a self-organizing approach where nodes are generated and eliminated autonomously as data is learned, avoiding issues of determining node numbers beforehand like other models.
3) Experiments show SOINN-AM outperforms other associative memory models on incremental learning of new data, many-to-many association, and robustness to noise.
This document is a synopsis submitted for a degree in bachelor of technology. It describes a project on audio steganography, where a secret message is hidden in a digital audio file. The synopsis includes an introduction describing the objective, benefits and scope of the project. It also includes sections on the encoding and decoding algorithms, flow charts, use case and data flow diagrams, and references.
A ppt about steganography which includes Introduction,History,Advantage,technique,Data embedded scheme,Application etc..it is a used for hidding the secret data by an tool and methos which could also be extracts by an extracting file using tool.
The document provides an overview of steganography, including its definition, history, techniques, applications, and future scope. It discusses different types of steganography such as text, image, and audio steganography. For image steganography, it describes techniques such as LSB insertion and compares image and transform domain methods. It also provides examples of steganography tools and their usage for confidential communication and data protection.
Digital watermarking is used for data authentication and copyright protection of digital media files.
Original host files required to recover the watermark operation in non-blind watermark system, which increases
system resources overhead. It also doubles memory capacity and communication band-width. This system uses a
robust video multiple watermarking technique which is based on image interlacing. In this system, a watermark
embedding/extracting is done by using three-level discrete wavelet transform (DWT), Arnold transform is used as
a watermark encryption/ decryption method, and gray image, color image, and video are used as watermarks.
Geometric, noising, format compression, and image processing attacks are used to test this system.
Keywords — Digital watermarking, Image interlacing, Arnold transform, Three level DWT, Authentication,
Security.
This document summarizes three algorithms for audio steganography. Algorithm 1 embeds watermark bits randomly in audio samples. Algorithm 2 embeds bits in the first k elements of each audio segment. Algorithm 3 embeds bits in the first k segments. Algorithm 3 is most imperceptible but least robust, while Algorithm 1 is most robust but least imperceptible. The embedding position affects imperceptibility and robustness, which are inversely related. The document evaluates the algorithms' performance and concludes that changing the embedding position impacts an audio signal's imperceptibility and robustness.
DWT-SMM-based audio steganography with RSA encryption and compressive samplingTELKOMNIKA JOURNAL
Problems related to confidentiality in information exchange are very important in the digital computer era. Audio steganography is a form of a solution that infuses information into digital audio, and utilizes the limitations of the human hearing system in understanding and detecting sound waves. The steganography system applies compressive sampling (CS) to the process of acquisition and compression of bits in binary images. Rivest, Shamir, and Adleman (RSA) algorithms are used as a system for securing binary image information by generating encryption and decryption key pairs before the process is embedded. The insertion method uses statistical mean manipulation (SMM) in the wavelet domain and low frequency sub-band by dividing the audio frequency sub-band using discrete wavelet transform (DWT) first. The optimal results by using our system are the signal-to-noise ratio (SNR) above 45 decibel (dB) and 5.3833 bit per second (bps) of capacity also our system has resistant to attack filtering, noise, resampling and compression attacks.
Psychoacoustic Approaches to Audio Steganography Report Cody Ray
This paper explores methods of audio steganography with emphasis on psychoacoustic approaches. Specifically, it describes a project that had the requirement of hiding a text-based message inside an audio signal with minimal or no distortion of the signal as perceived by the human ear. The theory and experimental results of each approach are discussed.
Recurrent neural networks for sequence learning and learning human identity f...SungminYou
This document provides an overview of recurrent neural networks for sequence learning. It discusses different types of sequence labeling tasks and architectures of neural networks commonly used for sequence learning, including recurrent neural networks, long short-term memory networks, and bidirectional recurrent neural networks. It also summarizes a research paper on using temporal deep neural networks for mobile biometric authentication using inertial sensor data.
A Novel Method for Speaker Independent Recognition Based on Hidden Markov ModelIDES Editor
In this paper, we address the speaker independent
recognition of Chinese number speeches 0~9 based on HMM.
Our former results of inside and outside testing achieved
92.5% and 76.79% respectively. To improve further the
performance, two important features of speech; MFCC and
cluster number of vector quantification, are unified together
and evaluated on various values. The best performance
achieve 96.2% and 83.1% on MFCC Number = 20 and VQ
clustering number = 64.
Speaker identification using mel frequency Phan Duy
This document summarizes a paper that presents a speaker identification system using Mel Frequency Cepstral Coefficients (MFCCs). MFCCs are used to extract features from speech signals that are less susceptible to variations between recordings of the same speaker. Vector quantization is then used to compress the extracted features for matching against enrolled speaker models. The system contains modules for feature extraction using MFCCs and feature matching, which are the two main components of all speaker recognition systems.
Deep Learning Fundamentals Workshop
This hands-on workshop will provide an introduction to deep learning to the participants who are already aware of data science and machine learning techniques but have not worked on deep learning. The course will cover the different types of network architectures that make the foundations of deep learning.
Following topics will be covered:
1. What is deep learning and what are the use cases of it?
2. Introduction to Feed Forward Neural Networks including the hands-on session
3. Building an Image Classifier using Convolutional Natural Networks
4. Applying Recurrent Neural Network and LSTM Network for text classification
5. How to build your own deep learning projects?
Synthetic dialogue generation with Deep LearningS N
A walkthrough of a Deep Learning based technique which would generate TV scripts using Recurrent Neural Network. The model will generate a completely new TV script for a scene, after being training from a dataset. One will learn the concepts around RNN, NLP and various deep learning techniques.
Technologies to be used:
Python 3, Jupyter, TensorFlow
Source code: https://github.com/syednasar/talks/tree/master/synthetic-dialog
Multihop Routing In Camera Sensor NetworksChuka Okoye
This poster abstract summarizes an experimental study of multihop routing in camera sensor networks. The experiments tested the Collection Tree Protocol (CTP) using CITRIC camera motes and TelosB motes. The experiments varied payload size and delay between packet transmissions to evaluate data rate, reception rate, and latency over different hop counts. The results show that there is a tradeoff between reception rate and latency. Adding a delay between transmissions can improve both data rate and reception rate compared to best effort transmission. The optimal delay depends on the network density and hop count.
Contribution of Non-Scrambled Chroma Information in Privacy-Protected Face Im...Wesley De Neve
Contribution of Non-Scrambled Chroma Information in Privacy-Protected Face Images to Privacy Leakage. Presentation given at the 10th International Workshop on Digital Forensics and Watermarking (IWDW'11).
Note that a more extensive objective and subjective study of privacy protection in video surveillance systems can be found in the following book chapter:
H. Sohn, D. Lee, W. De Neve, K.N. Plataniotis, and Y.M. Ro. An objective and subjective evaluation of content-based privacy protection of face images in video surveillance systems using JPEG XR. Effective Surveillance for Homeland Security: Balancing Technology and Social Issues. CRC Press / Taylor & Francis. May 2013. pp. 111-140.
http://www.citeulike.org/user/wmdeneve/article/10831550
http://www.crcpress.com/product/isbn/9781439883242
Intrusion Detection using C4.5: Performance Enhancement by Classifier Combina...IDES Editor
Data Security has become a very critical part of any
organizational information system. Intrusion Detection
System (IDS) is used as a security measure to preserve data
integrity and system availability from various attacks. This
paper evaluates the performance of C4.5 classifier and its
combination using bagging, boosting and stacking over NSLKDD
dataset for IDS. This dataset set consists of selected
records of the complete KDD dataset.
Dynamic framed slotted aloha algorithms using fast tag estimationambitlick
This document summarizes a paper that proposes a Dynamic Framed Slotted ALOHA (DFSA) algorithm using a proposed Tag Estimation Method (TEM) to estimate the number of tags around a reader. The DFSA algorithm dynamically allocates the frame size according to the estimated number of tags. Simulation results show the DFSA algorithm has better performance and lower delay than conventional algorithms regardless of the number of tags.
This document provides an overview of steganography. It defines steganography as hiding secret messages within other harmless messages to avoid detection by unauthorized parties. Various steganographic techniques are described, including hiding messages in digital files like images, audio, text and network protocols. Detection of steganography (steganalysis) and applications like digital watermarking and tamper proofing are also discussed. The document concludes by noting the importance of steganography and expectations for further advancement in the field.
This document discusses steganography, which is the art and science of hiding messages. It involves embedding a secret message within another medium such as an image, audio, or video file. The document outlines some problems with current security systems and proposes a steganography system as a solution. It would allow users to embed and retrieve hidden messages and files. The system would use techniques like LSB steganography and encryption to hide data within image files. The document provides an overview of the proposed system's functions, development process, and some limitations of steganography.
Efficient Memory-Reference Checks for Real-time JavaAngelo Corsaro
The scoped-memory feature is central to the Real-Time Specifica- tion for Java. It allows greater control over memory management, in particular the deallocation of objects without the use of a garbage collector. To preserve the safety of storage references associated with Java since its inception, the use of scoped memory is con- strained by a set of rules in the specification. While a program’s adherence to the rules can be partially checked at compile-time, un- decidability issues imply that some—perhaps, many—checks may be required at run-time. Poor implementations of those run-time checks could adversely affect overall performance and predictabil- ity, the latter being a founding principle of the specification.
In this paper we present efficient algorithms for managing scoped memories and the checks they impose on programs. Implementa- tions and results published to date require time linear in the depth of scope nesting; our algorithms operate in constant time. We de- scribe our approach and present experiments quantifying the gains in efficiency.
This document discusses digital steganography, which is the process of hiding secret information within other non-secret files like images, text, audio, or video. It describes the history of steganography and some common techniques used, such as least significant bit modification in images and altering text features. The document also compares steganography to cryptography and digital watermarking, outlines some types and uses of steganography, and discusses steganalysis and the future of the field.
1) The document presents a new associative memory model called SOINN-AM that is designed for online incremental learning in noisy environments.
2) SOINN-AM uses a self-organizing approach where nodes are generated and eliminated autonomously as data is learned, avoiding issues of determining node numbers beforehand like other models.
3) Experiments show SOINN-AM outperforms other associative memory models on incremental learning of new data, many-to-many association, and robustness to noise.
This document is a synopsis submitted for a degree in bachelor of technology. It describes a project on audio steganography, where a secret message is hidden in a digital audio file. The synopsis includes an introduction describing the objective, benefits and scope of the project. It also includes sections on the encoding and decoding algorithms, flow charts, use case and data flow diagrams, and references.
A ppt about steganography which includes Introduction,History,Advantage,technique,Data embedded scheme,Application etc..it is a used for hidding the secret data by an tool and methos which could also be extracts by an extracting file using tool.
The document provides an overview of steganography, including its definition, history, techniques, applications, and future scope. It discusses different types of steganography such as text, image, and audio steganography. For image steganography, it describes techniques such as LSB insertion and compares image and transform domain methods. It also provides examples of steganography tools and their usage for confidential communication and data protection.
Digital watermarking is used for data authentication and copyright protection of digital media files.
Original host files required to recover the watermark operation in non-blind watermark system, which increases
system resources overhead. It also doubles memory capacity and communication band-width. This system uses a
robust video multiple watermarking technique which is based on image interlacing. In this system, a watermark
embedding/extracting is done by using three-level discrete wavelet transform (DWT), Arnold transform is used as
a watermark encryption/ decryption method, and gray image, color image, and video are used as watermarks.
Geometric, noising, format compression, and image processing attacks are used to test this system.
Keywords — Digital watermarking, Image interlacing, Arnold transform, Three level DWT, Authentication,
Security.
This document summarizes three algorithms for audio steganography. Algorithm 1 embeds watermark bits randomly in audio samples. Algorithm 2 embeds bits in the first k elements of each audio segment. Algorithm 3 embeds bits in the first k segments. Algorithm 3 is most imperceptible but least robust, while Algorithm 1 is most robust but least imperceptible. The embedding position affects imperceptibility and robustness, which are inversely related. The document evaluates the algorithms' performance and concludes that changing the embedding position impacts an audio signal's imperceptibility and robustness.
DWT-SMM-based audio steganography with RSA encryption and compressive samplingTELKOMNIKA JOURNAL
Problems related to confidentiality in information exchange are very important in the digital computer era. Audio steganography is a form of a solution that infuses information into digital audio, and utilizes the limitations of the human hearing system in understanding and detecting sound waves. The steganography system applies compressive sampling (CS) to the process of acquisition and compression of bits in binary images. Rivest, Shamir, and Adleman (RSA) algorithms are used as a system for securing binary image information by generating encryption and decryption key pairs before the process is embedded. The insertion method uses statistical mean manipulation (SMM) in the wavelet domain and low frequency sub-band by dividing the audio frequency sub-band using discrete wavelet transform (DWT) first. The optimal results by using our system are the signal-to-noise ratio (SNR) above 45 decibel (dB) and 5.3833 bit per second (bps) of capacity also our system has resistant to attack filtering, noise, resampling and compression attacks.
Psychoacoustic Approaches to Audio Steganography Report Cody Ray
This paper explores methods of audio steganography with emphasis on psychoacoustic approaches. Specifically, it describes a project that had the requirement of hiding a text-based message inside an audio signal with minimal or no distortion of the signal as perceived by the human ear. The theory and experimental results of each approach are discussed.
Recurrent neural networks for sequence learning and learning human identity f...SungminYou
This document provides an overview of recurrent neural networks for sequence learning. It discusses different types of sequence labeling tasks and architectures of neural networks commonly used for sequence learning, including recurrent neural networks, long short-term memory networks, and bidirectional recurrent neural networks. It also summarizes a research paper on using temporal deep neural networks for mobile biometric authentication using inertial sensor data.
A Novel Method for Speaker Independent Recognition Based on Hidden Markov ModelIDES Editor
In this paper, we address the speaker independent
recognition of Chinese number speeches 0~9 based on HMM.
Our former results of inside and outside testing achieved
92.5% and 76.79% respectively. To improve further the
performance, two important features of speech; MFCC and
cluster number of vector quantification, are unified together
and evaluated on various values. The best performance
achieve 96.2% and 83.1% on MFCC Number = 20 and VQ
clustering number = 64.
Speaker identification using mel frequency Phan Duy
This document summarizes a paper that presents a speaker identification system using Mel Frequency Cepstral Coefficients (MFCCs). MFCCs are used to extract features from speech signals that are less susceptible to variations between recordings of the same speaker. Vector quantization is then used to compress the extracted features for matching against enrolled speaker models. The system contains modules for feature extraction using MFCCs and feature matching, which are the two main components of all speaker recognition systems.
Deep Learning Fundamentals Workshop
This hands-on workshop will provide an introduction to deep learning to the participants who are already aware of data science and machine learning techniques but have not worked on deep learning. The course will cover the different types of network architectures that make the foundations of deep learning.
Following topics will be covered:
1. What is deep learning and what are the use cases of it?
2. Introduction to Feed Forward Neural Networks including the hands-on session
3. Building an Image Classifier using Convolutional Natural Networks
4. Applying Recurrent Neural Network and LSTM Network for text classification
5. How to build your own deep learning projects?
Synthetic dialogue generation with Deep LearningS N
A walkthrough of a Deep Learning based technique which would generate TV scripts using Recurrent Neural Network. The model will generate a completely new TV script for a scene, after being training from a dataset. One will learn the concepts around RNN, NLP and various deep learning techniques.
Technologies to be used:
Python 3, Jupyter, TensorFlow
Source code: https://github.com/syednasar/talks/tree/master/synthetic-dialog
Georgia Tech cse6242 - Intro to Deep Learning and DL4JJosh Patterson
Introduction to deep learning and DL4J - http://deeplearning4j.org/ - a guest lecture by Josh Patterson at Georgia Tech for the cse6242 graduate class.
Deep learning - Conceptual understanding and applicationsBuhwan Jeong
This document provides an overview of deep learning, including conceptual understanding and applications. It defines deep learning as a deep and wide artificial neural network. It describes key concepts in artificial neural networks like signal transmission between neurons, graphical models, linear/logistic regression, weights/biases/activation, and backpropagation. It also discusses popular deep learning applications and techniques like speech recognition, natural language processing, computer vision, representation learning using restricted Boltzmann machines and autoencoders, and deep network architectures.
Introduction to parallel iterative deep learning on hadoop’s next generation...Anh Le
Presented at the recent O’Reilly OSCON – Open Source Convention 2014 by Josh Patterson (Patterson Consulting) and Adam Gibson (Skymind.io) is “Introduction to Parallel Iterative Deep Learning on Hadoop’s Next-Generation YARN Framework.”
This document proposes using deep learning approaches to detect malicious domain names at scale. It presents an architecture that takes raw domain names as input and uses deep neural networks to obtain optimal feature representations and classify domains as benign or malicious. The approach is evaluated on two datasets, one collected internally and one with externally sourced benign and malicious domains. Results show deep learning outperformed classical machine learning algorithms, with over 97% accuracy on the internal test set. Future work could involve collecting and analyzing additional log sources using the proposed architecture to better detect malicious activities within organizations.
ABSTRACT
Malicious use and exploitation of Dynamic Domain Name Services (DDNS) capabilities poses a serious threat to the information security of organisations and businesses. In recent times, many malware writers have relied on DDNS to maintain their Command and Control (C&C) network infrastructure to ensure a persistence presence on a compromised host. Amongst the various DDNS techniques, Domain Generation Algorithm (DGA) is often perceived as the most elusive and difficult to detect using traditional methods. This paper presents an approach for detecting DGA using frequency analysis of the character distribution and the weighted scores of the domain names. The approach’s feasibility is demonstrated using a range of legitimate domains and a number of malicious algorithmically-generated domain names. When a weighted score of < 45 is applied to the Alexa one million list of domain names, only 15% of the domain names were treated as non-human generated.
DETECTION OF ALGORITHMICALLYGENERATED MALICIOUS DOMAIN USING FREQUENCY ANALYSISijcsit
Malicious use and exploitation of Dynamic Domain Name Services (DDNS) capabilities poses a serious threat to the information security of organisations and businesses. In recent times, many malware writers have relied on DDNS to maintain their Command and Control (C&C) network infrastructure to ensure a persistence presence on a compromised host. Amongst the various DDNS techniques, Domain Generation
Algorithm (DGA) is often perceived as the most elusive and difficult to detect using traditional methods. This paper presents an approach for detecting DGA using frequency analysis of the character distribution and the weighted scores of the domain names. The approach’s feasibility is demonstrated using a range of legitimate domains and a number of malicious algorithmically-generated domain names. When a weighted
score of < 45 is applied to the Alexa one million list of domain names, only 15% of the domain names were treated as non-human generated.
This document summarizes recent advances in single image super-resolution (SISR) using deep learning methods. It discusses early SISR networks like SRCNN, VDSR and ESPCN. SRResNet is presented as a baseline method, incorporating residual blocks and pixel shuffle upsampling. SRGAN and EDSR are also introduced, with EDSR achieving state-of-the-art PSNR results. The relationship between reconstruction loss, perceptual quality and distortion is examined. While PSNR improves yearly, a perception-distortion tradeoff remains. Developments are ongoing to produce outputs that are both accurately restored and naturally perceived.
The document discusses deep neural networks (DNN) and deep learning. It explains that deep learning uses multiple layers to learn hierarchical representations from raw input data. Lower layers identify lower-level features while higher layers integrate these into more complex patterns. Deep learning models are trained on large datasets by adjusting weights to minimize error. Applications discussed include image recognition, natural language processing, drug discovery, and analyzing satellite imagery. Both advantages like state-of-the-art performance and drawbacks like high computational costs are outlined.
This presentations explains the foundations of Stream Processing and shows how elegant Stream Processing Architectures can be built by using in synergy DDS and CEP.
Deep neural networks learn hierarchical representations of data through multiple layers of feature extraction. Lower layers identify low-level features like edges while higher layers integrate these into more complex patterns and objects. Deep learning models are trained on large labeled datasets by presenting examples, calculating errors, and adjusting weights to minimize errors over many iterations. Deep learning has achieved human-level performance on tasks like image recognition due to its ability to leverage large amounts of training data and learn representations automatically rather than relying on manually designed features.
The document discusses how cybercriminals increasingly rely on DNS for botnet command and control, as DNS traffic can be used to covertly tunnel botnet communications and evade detection. It notes that botnets use techniques like dynamic DNS services and fluxing domain names to make their command and control architectures more robust and difficult to take down. The whitepaper argues that organizations must monitor and analyze DNS logs to detect if infected devices on their network are participating in botnet command and control activities over DNS.
Exploring and comparing various machine and deep learning technique algorithm...CSITiaesprime
Domain generation algorithm (DGA) is used as the main source of script in different groups of malwares, which generates the domain names of points and will further be used for command-and-control servers. The security measures usually identify the malware but the domain name algorithms will be updating themselves in order to avoid the less efficient older security detection methods. The reason being the older detection methods does not use either the machine learning or deep learning algorithms to detect the DGAs. Thus, the impact of incorporating the machine learning and deep learning techniques to detect the DGA is well discussed. As a result, they can create a huge number of domains to avoid debar and henceforth, block the hackers and zombie systems with the older methods itself. The main purpose of this research work is to compare and analyse by implementing various machine learning algorithms that suits the respective dataset yielding better results. In this research paper, the obtained dataset is pre-processed and the respective data is processed by different machine learning algorithms such as random forest (RF), support vector machine (SVM), Naive Bayes classifier, H20 AutoML, convolutional neural network (CNN), long short-term memory neural network (LSTM) for the classification. It is observed and understood that the LSTM provides a better classification efficiency of 98% and the H20 AutoML method giving the least efficiency of 75%.
This document provides an overview and agenda for a presentation on securing and hardening DNS servers. It discusses configuring DNS servers at both the local system level and network level. At the local level, it recommends partitioning the file system, using chroot jails, firewalls, and access control configurations. At the network level, it discusses topics like limiting services, securing NTP, and managing DNS zones and records. The overall goal is to understand the high-level requirements for securing a DNS server and limiting access to the DNS service.
Mining Development Repositories to Study the Impact of Collaboration on Softw...Nicolas Bettenburg
This document proposes an approach to study the impact of collaboration on software systems through mining development repositories. The approach involves:
I. Extracting communication data such as source code comments, emails, and issue discussions from version control systems, mailing lists, and issue tracking systems.
II. Studying the impact of collaboration on software quality by computing social metrics from the extracted communication data and measuring their relationship to post-release defects.
III. Studying the impact of collaboration on the development community by analyzing data on how code contributions are managed, such as feedback and reviews, to understand how contributors, reviewers, and the software are affected by communication.
Deep learning refers to artificial neural networks with many layers. This document provides an introduction to deep learning and neural networks, including their strengths and weaknesses. It discusses popular deep learning libraries for R like H2O and MXNet. H2O allows users to perform distributed deep learning on large datasets using R. MXNet provides state-of-the-art deep learning models and efficient GPU computing capabilities for R. The document demonstrates how to customize neural networks and run deep learning models with H2O and MXNet in R.
The document discusses building a distributed deep learning engine. It describes deep learning and its applications in areas like speech recognition, image processing, and natural language processing. It then discusses the challenges of deep learning like needing large amounts of data and having large models. The rest of the document details the distributed deep learning platform being built, including a model-parallel engine to partition models across a cluster, distributed parameter servers for coordination, and supporting various deep learning algorithms and use cases.
There millions of websites - 2 or more students should not have .docxbarbaran11
There millions of websites - 2 or more students should not have the same website "choose wisely"
This hands-on guide demonstrates how to conduct "Footprinting of a network" The best way to ensure your infrastructure is secure is to understand the steps an intruder may use to footprint a recon a network.
This exercise is exploratory (no right or wrong answer)
What is Footprinting and is it important?
What are DNS Records and why are they needed?
Find any website and check the DNS records
2. Go to
dnschecker.org
Go through the text records (
A, AAAA, CNAME, MX, NS, PTR, SRV, SOA, TXT, CAA
) In a word document copy and paste the information (Blue Text) of all the Text Record information.
3. Conclusion, what was interesting or stood out to you after checking the DNS records?
Minimum 2 pages
Must be in APA
.
2. II. INFERENCE ALGORITHMS FOR DNS DATA uusofona.pt or ulusofon.pt instead of ulusofona.pt.
Defined by RFC 1034 [8] and RFC 1035 [9], the Domain With the abovementioned algorithms and some
Name System (DNS) protocol is currently the name persistence, the tool is able to infer a good part of the domain
resolution protocol for the Internet. infrastructure, as the algorithms may be activated one or
It embodies a distributed and hierarchical architecture that several at run-time.
allows a fast response to DNS queries. The DNS service The tool was developed in ANSI/ISO C. The
supports several types of queries, being the Address (A) the implementation of the resolver of the DNS tool was achieved
most common. The tool we describe here focus on the using the DNS API from Microsoft Windows, included in the
following DNS fields, Mail Exchanger (MX), Canonical dnsapi.lib library. Socket management was implemented
Name (CNAME), Text (TXT), Host Information (HINFO), using the wsock32.lib from Microsoft Windows. The
Name Server (NS) e Start of Authority (SOA). programming tool used was Microsoft Visual Studio 2008.
The use of standard tools (e.g. nslookup) to discover the The integration of the tool with the visualization
addresses of machines running services such as web services application was achieved using XML. Also to support a large
or email services is not adequate to discover usually less number of queries, the tool deploys threads that run the
visible sub-domains. To infer a map of the available DNS algorithms in simultaneous; otherwise, queuing the generated
information, we implemented four algorithms: Top Level names to a single DNS resolver would result in a long
Domain (TLD) rotation, Brute Force, Dictionary Attack and execution time.
Typing Errors. These algorithms are described as follows: In summary, the main characteristics of the tool include:
TLD Rotation: in this algorithm, the TLD domain suffix 1) Speed: The tool uses multithreading to faster
of the queried address is changed, e.g., while querying processing of the name query queue. IBM Rational
the domain ulusofona.pt, it will also check all other Quantify & PurifyPlus [12] was used to measure
possible combinations, such as, ulusofona.com, execution time and identify memory leaks;
ulusofona.net, and so on. The TLD list is retrieved from 2) Efficient data structures: The tool implements a linked
IANA and IETF [10][11]. list to manage efficiently the semaphores of the
Brute Force: this algorithm checks for all possible threads;
combinations of defined length for the sub-domains of 3) Ease of operation: The tool may be accessed from the
the queried domain. The character set used for the command line and does not require special skills for
combinations is {a..z}, {0..9} or {{a..z}, {0..9}}, e.g., its operation. The output is easily understandable and
for the ulusofona.pt it will check the a.ulusofona.pt, interpretable;
bb.ulusofona.pt, zzz.ulusofona.pt subdomains and so on. 4) Reliability: The effort on efficient memory and error
Dictionary Attack: this algorithm uses a file containing management make the tool very reliable;
words that will be used as a sub-domain query for a 5) Portability: Despite the use of Microsoft Windows
given domain. The quality of the output of this libraries, the core of the tool is ANSI C, so it is
algorithm depends directly from the quality of the used portable to other platforms.
dictionary. For the ulusofona.pt domain, the dictionary
may include words that result in queries such as At this point, we have not done performance comparison
school.ulusofona.pt, university.ulusofona.pt, and so on. with other tools, mostly for two reasons: firstly, the
Typing Errors: with the increase of phishing attacks, it is algorithms that generate the names later to be fed to the DNS
increasingly common for enterprises to register domain resolver are not complex, thus the architecture of the tool
names that resemble the original domain name, as a itself is not determinant on the performance of the tool (some
form of protection against loss of traffic and attacks that other tools also implement threading); secondly, the DNS
may result from users mistyping the correct address in server response time is several orders of magnitude bigger
the address bar. This algorithm uses a combination of than the capability of the name generation algorithms, and so,
three techniques to simulate typing errors: transposition, the performance of the tool is limited by the speed of the
double typing, and missing of a character, and are response of DNS servers. As the DNS server infrastructure a
described as follows: common resource to all the tools, the performance assessment
1) Transposition: this technique foresees the typing of a particular tool has no interest, as any assessment will be
mistake that occurs when the user types the key that is limited by the same performance restriction, the DNS
on the side of the originally intended key. For infrastructure.
example, instead of ulusofona.pt the user types
ylusofona.pt or uluaofona.pt, and so on; III. RESULTS
2) Double typing: pressing the same key twice is a This section presents the results obtained with this tool.
common mistake. This technique generates names that The main goal of the tool is to allow the discovery of less
include a double typing mistake, e.g. uulusofona.pt or visible topologies and relations [13] using the data stored in
ulusoofona.pt and so on; the DNS, and finally to use this information to prevent
3) Missing a key: similarly as before, missing a key is system break-ins [14].
also common. This feature generates names such as Figure 1 shows some results when the tool is used with the
82
3. TLD Rotation algorithm for the domain ulusofona.pt. As the
type of DNS information requested is not specified, the tool D:>txdns -rt ulusofona.pt -rr MX
assumes that it must retrieve the Address (A) field from the -----------------------------------------------
TXDNS (http://netlab.ulusofona.pt/id) 0.1.2
DNS record. It is visible in Figure 1 as the use of this -----------------------------------------------
algorithm brings 37 new hosts to our name catalogue. > ulusofona.mp - forwarding.chi.mp
Figure 2 shows a similar query, but specifying for the > ulusofona.tk - MX-HOST.DOT.tk
> ulusofona.pt - mtorga.ulusofona.pt
retrieval of Mail Exchange records (MX). > ulusofona.nhs.uk - mail.nhs.uk
Figure 3 shows a brute force query on the microsoft.com ----------------------------------------------
domain. The length of the sub-domain is defined with a Resolved names: 4
minimum of 1 and a maximum of 3. As the character set for Failed queries: 1445
Total queries: 1449
the combinations is not specified, the tool assumes the ------------------------------------------------
{{a..z}, {0..9}} character set. This run-time includes the Fig. 2. Using the Top Level Domain rotation algorithm for search of (MX)
definition of 20 threads. records on the DNS database for the ulusofona.pt domain.
Viewing the results shown in Figure 3, one may find odd
D:>txdns -bb --min 1 --max 3 microsoft.com -x 20
that the well-known www.microsoft.com host is not detected. -----------------------------------------------
To look for this, we will run the tool again, but this time we TXDNS (http://netlab.ulusofona.pt/id) 0.1.2
will search for the Canonical Name (CNAME) record of the -----------------------------------------------
> m.microsoft.com - 65.55.186.23
DNS entry. Figure 4 shows the output. > ea.microsoft.com - 131.107.88.60
> eu.microsoft.com - 207.46.197.32
D:>txdns -rt ulusofona.pt > ea.microsoft.com - 131.107.88.60
------------------------------------------------ > fs.microsoft.com - 131.107.0.125
TXDNS (http://netlab.ulusofona.pt/id) 0.1.2 > ga.microsoft.com - 207.46.197.32
------------------------------------------------ > ga.microsoft.com - 207.46.232.182
> ulusofona.com.ph - 203.119.4.28 …(partially omitted results) …
> ulusofona.cg - 64.18.138.88 > sip.microsoft.com - 131.107.106.16
> ulusofona.kr - 222.231.8.226 > smm.microsoft.com - 65.55.100.45
> ulusofona.mp - 75.101.130.205 > tag.microsoft.com - 207.46.140.29
> ulusofona.net.ph - 203.119.4.28 > vua.microsoft.com - 65.54.96.220
> ulusofona.ph - 203.119.4.28 > vua.microsoft.com - 65.54.96.220
> ulusofona.ngo.ph - 203.119.4.28 > wer.microsoft.com - 65.55.22.188
> ulusofona.org.ph - 203.119.4.28 > wsp.microsoft.com - 207.46.248.105
> ulusofona.i.ph - 203.119.4.38 -----------------------------------------------
> ulusofona.mil.ph - 203.119.4.28 Resolved names: 54
> ulusofona.nu - 62.4.64.119 Failed queries: 19706
> ulusofona.rw - 64.18.138.88 Total queries: 19760
> ulusofona.gouv.rw - 64.18.138.88 ------------------------------------------------
> ulusofona.st - 195.178.186.40 Fig. 3. Using the Brute Force algorithm to search of (A) records on the DNS
> ulusofona.tk - 193.33.61.2 database for the microsoft.com domain.
> ulusofona.co.st - 195.178.186.40
> ulusofona.ws - 64.70.19.33
> ulusofona.com - 208.73.210.27 D:> txdns -bb --min 1 --max 3 microsoft.com -x
> ulusofona.com.ba - 195.222.33.180 20 -rr CNAME
> ulusofona.com.cn - 218.241.97.60 -----------------------------------------------
> ulusofona.kr - 222.231.8.226 TXDNS (http://netlab.ulusofona.pt/id) 0.1.2
> ulusofona.a.nf - 88.191.93.163 -----------------------------------------------
> ulusofona.ph - 203.119.4.28 > s.microsoft.com - reroute.microsoft.com
> ulusofona.gob.ve - 150.188.4.235 > c.microsoft.com - c.microsoft.akadns.net
> ulusofona.vn - 72.52.194.126 > g.microsoft.com - g.msn.com
> ulusofona.biz.vn - 72.52.194.126 …(partially omitted results) …
> ulusofona.edu.vn - 72.52.194.126 > www.microsoft.com - toggle.www.ms.akadns.net
> ulusofona.gov.vn - 203.119.8.111 -----------------------------------------------
> ulusofona.net.vn - 72.52.194.126 Resolved names: 38
> ulusofona.org.vn - 72.52.194.126 Failed queries: 19722
> ulusofona.int.vn - 72.52.194.126 Total queries: 19760
> ulusofona.health.vn - 72.52.194.126 -----------------------------------------------
> ulusofona.ac.vn - 72.52.194.126 Fig. 4. Using the Brute Force algorithm to search of (CNAME) records on
> ulusofona.com.vn - 72.52.194.126 the DNS database for the microsoft.com domain.
> ulusofona.info.vn - 72.52.194.126
> ulusofona.name.vn - 72.52.194.126
The expected www.microsoft.com is now visible in Figure
> ulusofona.pro.vn - 72.52.194.126
------------------------------------------------ 4, and this may be used as an example of the importance of
Resolved names: 37 the different records on the DNS entry.
Failed queries: 1412 Figure 5 shows the results of a query using a dictionary on
Total queries: 1449
-----------------------------------------------
the microsoft.com domain. The efficiency of this algorithm
depends exclusively of the quality of the used dictionary. For
Fig. 1. Using the Top Level Domain rotation algorithm for search of (A)
records on the DNS database for the ulusofona.pt domain. this example, a dictionary of 580 words was used.
83
4. Dictionaries such as the one used are available on the 1. Dictionary query with TLD rotation query for (A)
Internet, in several languages. and for (TXT) records:
Figure 6 shows the use of the algorithm simulating typing txdns –rt -f namelist.txt dominio.com
errors on the google.com domain. It is visible how similar txdns –rt -f namelist.txt dominio.com –rr TXT
names generate DNS responses.
2. TLD rotation with typing errors for (MX) and
(HINFO) records:
D:> txdns -f namelist.txt microsoft.com
-----------------------------------------------
txdns –rt –t dominio.com –rr MX
TXDNS (http://netlab.ulusofona.pt/id) 0.1.2 txdns –rt –t dominio.com –rr HINFO
-----------------------------------------------
> accounting.microsoft.com - 207.46.131.251 3. Typing errors and dictionary queries for (SOA)
> agent.microsoft.com - 207.46.197.32
> billing.microsoft.com - 65.54.159.250
and (NS) records:
> channels.microsoft.com - 207.46.232.182 txdns –t –f namelist.txt dominio.com –rr SOA
> directory.microsoft.com - 131.107.115.87 txdns –t –f namelist.txt dominio.com –rr NS
> design.microsoft.com - 207.46.232.182
> example.microsoft.com - 207.46.197.32
…(partially omitted results) … Worthy of note is the fact that a query for a (A) record may
> rss.microsoft.com - 207.46.232.182 result in more than on IP address, e.g. the query for
> sharepoint.microsoft.com - 207.46.105.139 www.microsoft.com may return one or more IP addresses.
> services.microsoft.com - 207.46.132.190
The tool includes the possible use of the –v parameter that
> shop.microsoft.com - 207.46.232.182
> smtp.microsoft.com - 205.248.106.32 allows the display of detailed information on a given query.
> transfer.microsoft.com - 207.46.236.112 Figure 7 shows the result of a query for TLD rotation test on
> ts.microsoft.com - 131.107.106.15 the ulusofona.pt domain.
> windows.microsoft.com - 65.55.81.30
-----------------------------------------------
We can see as this query now returns not only one result
Resolved names: 42 for the ulusofona.pt domain, but two results, the first one for
Failed queries: 538 mtorga.ulusofona.pt and the second one for
Total queries: 580 smtp.empresas.novis.pt.
-----------------------------------------------
Fig. 5. Using the Dictionary algorithm to search of (A) records on the DNS
database for the microsoft.com domain. D:>txdns -rt ulusofona.pt -rr MX -v
----------------------------------------------
TXDNS (http://netlab.ulusofona.pt/id) 0.1.2
D:> txdns -t google.com ----------------------------------------------
----------------------------------------------- > ulusofona.mp - forwarding.chi.mp
TXDNS (http://netlab.ulusofona.pt/id) 0.1.2 > ulusofona.tk - mx-host.dot.tk
----------------------------------------------- > ulusofona.pt - mtorga.ulusofona.pt
> hoogle.com - 64.202.189.170 | smtp.empresas.novis.pt
> voogle.com - 85.17.35.48 > ulusofona.nhs.uk - mail.nhs.uk
> yoogle.com - 82.98.86.169 ----------------------------------------------
> boogle.com - 70.38.37.248 Resolved names: 4
> foogle.com - 64.13.232.120 Failed queries: 1445
> gkogle.com - 82.98.86.165 Total queries: 1449
> giogle.com - 208.87.33.151 -----------------------------------------------
…(partially omitted results) … Fig. 7. Using the TLD rotation algorithm to search of (MX) records on the
> gooogle.com - 74.125.91.104 DNS database for the ulusofona.pt domain, with the –v parameter allowing a
> gooogle.com - 74.125.91.104 complete view of all the data retrieved from the DNS resolver.
> ggoogle.com - 64.233.161.104
> googgle.com - 208.73.210.50
> googlr.com - 64.233.161.104
> googlle.com - 69.46.228.38 IV. INTEGRATION WITH THE VISUALIZATION TOOL
> googlee.com - 64.233.161.104 Matelgo [7] is an Open Source solution, developed in Java
-----------------------------------------------
Resolved names: 38 by the company Paterva. It is oriented to forensic analysis
Failed queries: 19722 and includes a sophisticated graphical engine that allows the
Total queries: 19760 graphical representation of the information in a user friendly
----------------------------------------------- and intuitive manner.
Fig. 6. Using the Typing errors algorithm to search of (A) records on the
DNS database for the google.com domain. The integration of the tool with Maltego was achieved by
implementing an option that modifies the standard output of
The use of a single algorithm generates a large volume of the program (stdout) to an XML stream formatted according
metadata, as one may deduce from the previously shown to Paterva rules.
figures. Yet the tool allows us to create scenarios that include To integrate the output, it is necessary to create inside
more than one algorithm. Some examples may be seen next, Maltego the customized transformation resources to our tool.
and as the extension of the output is long, the results shown Once created the resource, it is necessary to add a Domain or
in Figure 7 are clipped: DNSName object to Maltego workspace, applying the created
84
5. transformation resource. Figure 8 shows the visualization of Given the results the tool is able to return, we believe that
the result previously observed in Figure 1. it shows great potential for use in network security tests, such
Besides of the graphical representation of the results of the as, e.g. penetration tests. Further research will include
queries, Maltego allows us to create new queries on top of handling DNS records for IPv6. The tool and its source code
previous results. This may result in a complex tree of are available at http://netlab.ulusofona.pt/id.
information that exposes in a intuitive manner the DNS
structure of a given domain. ACKNOWLEGEMENTS
Figure 9 shows the graphical representation of the TLD
Authors acknowledge the help of Paterva, in particular
rotation query performed on the google.com domain,
Roelof Temmingh and Andrew MacPherson.
followed by a dictionary query on the same domain.
REFERENCES
[1] Stahl, M: RFC 1032: DOMAIN ADMINISTRATORS GUIDE (last
accessed the 7th April 2010), http://tools.ietf.org/html/rfc1032
[2] Lottor, M: RFC 1033: DOMAIN ADMINISTRATORS OPERATIONS
GUIDE (last accessed the 7th April 2010),
http://tools.ietf.org/html/rfc1033
[3] dnsmap, Passive DNS network mapper a.k.a. subdomains bruteforcer,
(last accessed 7th April 2010), http://code.google.com/p/dnsmap/
[4] dnsenum, enumerate DNS info about domains, (last accessed 7th April
2010) http://code.google.com/p/dnsenum/
[5] DioNiSio, DNS scanner, (last accessed 7th April 2010),
http://dionisio.sourceforge.net/
[6] Fierce Domain Scanner, (last accessed 7th April 2010),
http://ha.ckers.org/fierce/
[7] Paterva Maltego, (last accessed the 7th April 2010),
http://www.paterva.com/maltego/
[8] Mockapetris, P: RFC 1034: Domain Names – Concepts and Facilities
(last accessed 7th April 2010), http://tools.ietf.org/html/rfc1034
[9] Mockapetris, P: RFC 1035: Domain Names – Implementation and
Specifications (last accessed the 7th April 2010),
Fig.8. Graphical representation of the results obtained with TLD rotation http://tools.ietf.org/html/rfc1035
query for the (A) records on the ulusofona.pt domain. [10] IANA Root Zone Database, (last accessed the 7th April 2010),
http://www.iana.org/domains/root/db/#
[11] Eastlake, D., Panitz, A.: RFC 2606: Reserved Top Level DNS Names
(last accessed the 7th April 2010), http://tools.ietf.org/html/rfc2606
[12] IBM Rational PurifyPlus, (last accessed the 7th April 2010),
http://www-01.ibm.com/software/awdtools/purify/
[13] Samwalla, R., Sharma, R., Keshav, S.: Discovering Internet Topology,
Cornell University, (last accessed the 7th April 2010),
http://www.cs.cornell.edu/skeshav/papers/discovery.pdf
[14] Bellovin, S.: Using the domain name system for system break-ins,
1995, (last accessed the 7th April 2010), http://www.usenix.org/
publications/library/proceedings/security95/full_papers/bellovin.pdf
Fig.9. Graphical representation of the TLD rotation query on the (A)
records for the google.com followed by a dictionary query on the same
domain.
V. CONCLUSIONS
This research focused on harvesting DNS metadata, by
using inference algorithms for the generation of names that
were subsequently fed to a DNS name resolver. For that
purpose a specific tool was built, using a standard
programming language. Furthermore, as to allow a more
intuitive visualization of the results, the tool was integrated
with a commercial graphical package.
85