DNS Blacklist Query Study
Project Members
Ashrith Barthur, William S. Cleveland, and John Gerth
Ashrith Barthur, William S. Cleveland, and John Gerth
Abstract
Spamhaus provides a worldwide service called DNS Blacklisting. SMTP server and other hosts who routinely communicate with unverified hosts across the Internet use this service to verify the reputation of the approaching hosts. For our study we capture the host query response from the Spamhaus mirror at Stanford. In our approach to understanding DNS Blacklist queries we use our analytical environment build upon the D & R framework. We use Hadoop storage and analysis with unique data and analytical centric design optimizations.