DNS Protection Against Spoofing and Poisoning Attacks

被引：7

作者：

Hussain, Mohammed Abdulridha ^{[1
,2
]}

Jin, Hai ^{[1
]}

Hussien, Zaid Alaa ^{[1
,3
]}

Abduljabbar, Zaid Ameen ^{[1
,2
]}

Abbdal, Salah H. ^{[1
]}

Ibrahim, Ayad ^{[2
]}

机构：

[1] Huazhong Univ Sci & Technol, Sch Comp Sci & Technol, Serv Comp Technol & Syst Lab, Cluster & Grid Comp Lab, Wuhan 430074, Peoples R China

[2] Univ Basrah, Basrah, Iraq

[3] Southern Tech Univ, Basrah, Iraq

来源：

2016 3RD INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND CONTROL ENGINEERING (ICISCE) | 2016年

关键词：

DNS; DNS-spoofing; DNS cache poisoning; DNS protection;

D O I：

10.1109/ICISCE.2016.279

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Domain name system is among the core part of TCP/IP protocol suite and the standard protocol used by the Internet. The domain name system consists of mapped website names with Internet protocol, which facilitates browsing by not requiring users to remember numeric notation addresses. The nature of the system, which involves transferring information in plain text, makes it vulnerable to security attacks. The domain name system suffers from spoofing and cache poisoning attacks that are intended to steal the private information of users. In this paper, a scheme is proposed to prevent the aforementioned attacks by using an asymmetric cipher to encrypt the important information in messages and to protect these messages from manipulation. The proposed scheme is examined and implemented using Linux platform and C programming language. The proposed scheme protects DNS against spoofing and poisoning attacks while the results show small fraction of delay in time comparing with the applied DNS. There are also additional commercial benefits since it does not result in additional costs.

引用

页码：1308 / 1312

页数：5

共 8 条

[1] [Anonymous], 2535 RFC INT ENG TAS
[2] Bassil R., 2012, ICT 12, P1
[3] Bernstein D.J., 2008, the dns random library interface"
[4] Dagon D, 2008, CCS'08: PROCEEDINGS OF THE 15TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P211
[5] Forouzan BehrouzA., 2010, TCP/IP Protocol Suite, V4th
[6] Mohan Jayashree, 2015, 2015 International Conference on Advanced Computing and Communication Systems (ICACCS). Proceedings, P1, DOI 10.1109/ICACCS.2015.7324091
[7] DNSSEC and Its Potential for DDoS Attacks A Comprehensive Measurement Study
van Rijswijk-Deij, Roland
Sperotto, Anna
Pras, Aiko
[J]. PROCEEDINGS OF THE 2014 ACM INTERNET MEASUREMENT CONFERENCE (IMC'14), 2014, : 449 - 460
[8] Wu H, 2015, IEEE INT CON AUTO SC, P1594, DOI 10.1109/CoASE.2015.7294328

← 1 →