To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.

Summary

DS-0794
Operational Research Data from Internet NAmespace Logs (ORDINAL)
Dataset
JAS Global Advisors, LLC
JAS Global Advisors, LLC
05/31/2017
Data collection is ongoing
39 (lowest rank is 50)

Category & Restrictions

Other
Quasi-Restricted
Unknown

Description


Log data on public-facing Internet hosts resulting from a significant and common DNS misconfiguration

The Domain Name System (DNS) is a method to identify resources on the Internet. Unfortunately, the DNS has historically been misused as an AUTHENTICATION system instead.

The ORDINAL dataset contains robust DNS protocol layer data, select application layer data, standard activity logs, received select transmissions, and packet captures of associated activity originally intended to study the impact of DNS namespace collisions.

The dataset is generated via Internet activity to sensor nodes which are linked to high activity Domain Names. The highest volume names have been used commonly in misconfigurations or in internal environments across the Internet, but none of the names in the ORDINAL dataset have ever to our knowledge, provided services for any public facing purpose other than research data collection and providing awareness of misconfiguration issues.

All sensors operate DNS, SMTP, HTTP, and HTTPS listeners on IPv4 and IPv6. All information received by the sensor nodes is provided unsolicited.    Log data made available under ORDINAL are IP-address anonymized.

Objectives

         * Raise awareness of the "Misuse of the DNS for authentication" issue
         * Improve protocol and application design
         * Help software vendors identify and remediate problems
         * Help system administrators identify and remediate problems
         * Provide data to spam/phishing/malware researchers

What ORDINAL can make available to researchers

         * DNS query logs (named logs)
         * All behavior supports IPv4 and IPv6
         * Open to running experiments (based on risk assessment)
This dataset is the subject of ongoing measurement and data collection. As such the data is continuously growing. Researchers who are granted access will be able to download updates for a period of one year after their request.

Additional Details

4.0GB
Size is growing as more data is collected
true
true
internet mail protocols, metadata, spamming, hyper text transfer protocol secure, packets, transport layer security, 794, namespace collision, host, internet protocol, data protection, https, network packet, traffic, online services, phishing, uniform resource identifier, hypertext transfer protocol, packet capture, dns, internet traffic, information privacy, collision, dns name, port, ip address, dns misconfiguration, dns namespace collision, http, protocol design, operational research data internet namespace log, potentially unwanted program, trust, cybercrime, protocol stack, online help, application design, port 443, jas global advisors, llc, cryptographic protocol, communication protocol, application layer protocols, internet protocol version 4, ipv4, internet protocol version 6, ipv6, pcap, domain name system, query log, domain name, postfix, email, authentication, operational research data from internet namespace logs (ordinal), dns query, malware, smtp, simple mail transfer protocol, port 80, data anonymization, misconfiguration issue, spam, exploit, ordinal