Research Article
K-means and adaptive k-means algorithms for clustering DNS traffic
@INPROCEEDINGS{10.4108/icst.valuetools.2011.245598, author={Qinghui Xu and Daniel Migault and stephane senecal and Stanislas Francfort}, title={K-means and adaptive k-means algorithms for clustering DNS traffic}, proceedings={5th International ICST Conference on Performance Evaluation Methodologies and Tools}, publisher={ICST}, proceedings_a={VALUETOOLS}, year={2012}, month={6}, keywords={telecommunication network architecture dns dnssec routing data mining clustering k-means}, doi={10.4108/icst.valuetools.2011.245598} }- Qinghui Xu
Daniel Migault
stephane senecal
Stanislas Francfort
Year: 2012
K-means and adaptive k-means algorithms for clustering DNS traffic
VALUETOOLS
ICST
DOI: 10.4108/icst.valuetools.2011.245598
Abstract
Internet Service Providers' DNS traffic can be up to 120000 queries per second and increases around 8% every month. DNSSEC is expected to replace DNS and brings new challenge to naming resolution with heavy signature check. This paper provides an architecture, where incoming DNS traffic is split according to the DNS query rather than to its IP address, in order to minimize the number of signature checks. To split DNS traffic among the different nodes of the platform, k-means clustering algorithms are considered. This paper proposes an enhancement of the standard algorithm: an adaptive k-means and compares performance of both methods on simulated data from a Gaussian mixture model and on real DNS traffic data from the Orange IP network.