Key points are not available for this paper at this time.
The paper presents the results of an experimental study of a software tool for DNS traffic data analysis with the involvement of artificial intelligence based on a case-based reasoning (CBR) approach. In order to increase the transparency, reliability, and traceability of AI-assisted analysis of test measurement results, case-based reasoning methods were integrated. The experimental prototype was implemented as a Python client integrated with the Gemini API and operates on a dataset obtained from previous studies, thereby ensuring continuity and comparability of results. The system utilizes a manually defined initial set of cases and autonomously expands it by adding new anomalous cases accompanied by explanatory comments. The experimental results demonstrate that the proposed mechanism supports both targeted anomaly detection and the identification of general deviations in the data. The obtained results confirm the feasibility of using a case-based approach to enhance the transparency and traceability of AI-assisted DNS traffic analysis. At the same time, the experiments revealed clustering effects that may lead to false positive results and incorrect data interpretation, which necessitated a revision of the analysis constraints. Further evaluation confirmed that the introduced changes reduced the identified effect and increased the reliability of anomaly interpretation.
Chepel et al. (Mon,) studied this question.