Cloud Based Big Data DNS Analytics at Turknet

TL;DR

This paper presents a cloud-based big data analytics platform using Apache Spark to analyze DNS traffic, enabling pattern detection and domain grouping for improved business intelligence.

Contribution

It introduces a novel cloud-based big data application for DNS traffic analysis utilizing Spark, with a focus on pattern detection and domain grouping.

Findings

Effective domain grouping based on traffic patterns

Preliminary results demonstrate utility in business intelligence

Scalable analysis of DNS data in real-time

Abstract

Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet. A DNS resolves queries for URLs into IP addresses for the purpose of locating computer services and devices worldwide. As of now, analytical applications with a vast amount of DNS data are a challenging problem. Clustering the features of domain traffic from a DNS data has given necessity to the need for more sophisticated analytics platforms and tools because of the sensitivity of the data characterization. In this study, a cloud based big data application, based on Apache Spark, on DNS data is proposed, as well as a periodic trend pattern based on traffic to partition numerous domain names and region into separate groups by the characteristics of their query traffic time series. Preliminary experimental results on a Turknet DNS data in daily operations are discussed with business intelligence applications.