Tag Archives: software

mtracecap: New utility for multi-point capture released

mtracecap v0.1 (beta) has been released (available at https://ant.isi.edu/software/mtracecap/index.html). This tool is designed to capture packets from multiple sources and write its output to a single file. Its build requires a local install of the libtrace library (version 4.0 or older) …

timefind v1.0.3 released with recursion support

timefind v1.0.3 has been released (available at https://ant.isi.edu/software/timefind/). indexer and timefind will handle the indexing and selection of multiple network data types given some time range. Major changes in 1.0.3 include: new file processors for .csv, .fsdb, syslog, and BGP/MRT …

new software dnsanon_rssac

We have released version 1.3 of dnsanon_rssac on 2016-06-13, a tool that processes DNS data seen in packet captures (typically pcap format) to generate RSSAC-002 statistics reports. Our tool is at https://ant.isi.edu/software/dnsanon_rssac/index.html, with a description at https://ant.isi.edu/software/dnsanon_rssac/README.html. Our tool builds on …

new workshop paper “BotDigger: Detecting DGA Bots in a Single Network” in TMA 2016

The paper “BotDigger: Detecting DGA Bots in a Single Network” has appeared at the TMA Workshop on April 8, 2016 in Louvain La Neuve, Belgium (available at http://www.cs.colostate.edu/~hanzhang/papers/BotDigger-TMA16.pdf). The code of BotDigger is available on GitHub at: https://github.com/hanzhang0116/BotDigger. From the abstract: To improve the …

new technical report “BotDigger: Detecting DGA Bots in a Single Network”

We have released a new technical report “BotDigger: Detecting DGA Bots in a Single Network”, CS-16-101, available at http://www.cs.colostate.edu/~hanzhang/papers/BotDigger-techReport.pdf. The code of BotDigger is available on GitHub at: https://github.com/hanzhang0116/BotDigger. From the abstract: To improve the resiliency of communication between bots and C&C …

timefind v1.0.2.2 released

timefind v1.0.2.2 has been released (available at https://ant.isi.edu/software/timefind/). Scientists at Los Alamos National Laboratory and at USC/ISI have developed two tools to handle indexing and selection of multiple network data types: indexer and timefind. Most of us have processed large …

Digit tool for T-DNS privacy updated to match current internet-draft

Digit is our DNS client-side tool that can perform DNS queries via different protocols such as UDP, TCP, and TLS. This tool is primarily designed to evaluate the client-side latency of using DNS over TCP/TLS. IANA has allocated port 853 …

new conference paper “Detecting Malicious Activity with DNS Backscatter”

The paper “Detecting Malicious Activity with DNS Backscatter” will appear at the ACM Internet Measurements Conference in October 2015 in Tokyo, Japan. A copy is available at http://www.isi.edu/~johnh/PAPERS/Fukuda15a.pdf. From the abstract: Network-wide activity is when one computer (the originator) touches many …

new conference paper “Connection-Oriented DNS to Improve Privacy and Security” in Oakland 2015

The paper “Connection-Oriented DNS to Improve Privacy and Security” will appear at the 36th IEEE Symposium on Security and Privacy in May 2015 in San Jose, CA, USA (available at http://www.isi.edu/~liangzhu/papers/Zhu15b.pdf). From the abstract: The Domain Name System (DNS) seems ideal for connectionless …

new conference paper “BotTalker: Generating Encrypted, Customizable C&C Traces” in HST 2015

The paper “BotTalker: Generating Encrypted, Customizable C&C Traces” will appear at the 14th annual IEEE Symposium on Technologies for Homeland Security (HST ’15) in April 2015 (available at http://www.cs.colostate.edu/~zhang/papers/BotTalker.pdf). From the abstract: Encrypted botnets have seen an increasing use in recent years. To enable research …
