eyeDNS: Monitoring a University Campus Network


Chandan Chowdhury, Dalton A. Hahn, Matthew R. French, Eugene Y. Vasserman
Kansas State University

Pratyusa K. Manadhata
Micro Focus

Alexandru G. Bardas
University of Kansas

Domain Name System (DNS)

Image source: https://07avr.files.wordpress.com/2014/07/dns-is-the-phonebook.png

DNS Traffic on a University Network

Campus Infrastructure

Monitored campus network:

Data Collection

eyeDNS Dashboards

Significance of Collected Data - Coverage

Data Sources

Originating sources:

Statistics of Collected Data

Analysis and Findings

Algorithmically Generated Domains: DGArchive maintains a database of algorithmically generated domains associated with various malware families (reverse-engineered malware).

eyeDNS with DGArchive

Suspicious and Anomalous Findings (1/3)

Web Proxy Auto Discovery (WPAD):

Suspicious and Anomalous Findings (2/3)

Signs of Scams:

Suspicious and Anomalous Findings (3/3)

Network Rerouting:

Limitations

Conclusions
