Cybersecurity: EyeDNS Project


Domain Name System Monitoring - EyeDNS Project Overview:

EyeDNS is an informational dashboard that lets K-State system administrators view K-State's DNS logs. It presents statistics and averages that give quick access to information and overall trends in the data. It also lets you drill down into details about a specific host or domain that would otherwise take additional time to collect. This dashboard was created two years ago by Alex Bardas, Chandan Chowdhury, and Matthew French.

While this dashboard has many very useful features, three major areas for improvement were identified: the design of the dashboard makes it harder to use, the dashboard gives the user few options to affect what they are seeing, and there is currently no analysis of the security events being generated by this dashboard. Currently, the dashboard just presents the raw data statically and offers little else to the user. Given these areas for improvement, three different projects were started to improve the dashboard.

Interface Design Project:

As stated above, one of the problems found with this dashboard is that the current layout and design force the user to spend extra time looking for information and determining what information means.

Some of the problems with the current design and layout are as follows. Throughout the dashboard, there are many deviations from the central design of the website that make it harder to skim. Additionally, the color scheme of the dashboard does not help you find the different sections within the website. There are pieces of information that should be grouped together but that currently only appear on the same page.

Given these and similar issues, there is an initiative to redesign the dashboard to make it more intuitive for the user.

This effort is being led by Joy Hauser with the assistance of William Hsu.

User Experience Project:

The User Experience Project was started because the dashboard is currently not tailored to the user. The user must scroll through all the information and is exposed to all of it, even though they may only care about a fraction of it. The purpose of this project is to use machine learning to filter out data that might be unnecessary, or components of the website that the user doesn't use on a regular basis, so that the user doesn't have unnecessary distractions and can accomplish their job more efficiently.

This project is currently being led by William Hsu.

Security Events Project:

The Security Events Project is the third project to improve the EyeDNS dashboard. This project primarily focuses on taking the collected information about DNS requests and responses and trying to determine whether important security events happened. From the requests and responses, we hope to be able to offer suggestions to the system administrators about security events from the recent past that might need to be addressed. Because of the time the information takes to reach the dashboard, we are only focusing on events that happened in the past for now.

This new feature will prompt the system administrator, informing them about suspicious activity and asking them what they would like to do. We are going to feed those responses to a machine learning algorithm so that it can better detect when a security event is happening.

The goal of this project is to help the system administrators by providing them with more information, so that they have a more complete picture and are able to deal with cyber threats more efficiently.

The participants working on this project are BreAnn Anshutz, Joy Hauser, and Chandan Chowdhury. They are receiving assistance from William Hsu, Chad Currier, Seth Galitzer, and the K-State information technology staff.

EyeDNS BITBUCKET PUBLIC REPO RELEASES: https://bitbucket.org/account/user/kddresearch/projects/EYED

EyeDNS Trello Board: https://trello.com/b/BXz1ufVs

Affiliate Research Groups

Center for Information and Systems Assurance

Last updated by pozegov on Jul 6, 2023