A recursive DNS identification method based on top level domain resolution log

Recursive domain name system (DNS) can be categoraized into different types according to the characteristics in terms of the resolution service openness and the purpose of recursive queries. The accurate identification of recursive DNS types has an important impact on the analysis and operation of root, top level and all levels of authoritative DNS. The accuracy of traditional method based on the character features needs to be further improved. Aiming at the accurate identification of the types of each recursive DNS, this paper first analyzes the query log data from .CN national top level DNS, and then proposes a recursive DNS type identification method based on the observed behavioral characteristics of recursive query. Specifically, this method distills the full amount of log information from multiple dimensions and selects important features based on unsupervised feature selection, in order to realizes accurate clustering of recursive DNS. Experimental results show that this method can identify recursive DNS types efficiently and accurately.