Review of Mitigating DNS DoS Attacks
نویسنده
چکیده
The Domain Name system (DNS) has become a ubiquitous part of modern internet infrastructure that maps numeric IP address to human-readable names. In the recent years, denial of service (DoS) attacks on DNS has a trend to be more serious problems. These attack is mainly related the hierarchical namespace architecture, which is hard to avoid as this architecture are widely deployment in multi-level approach. Therefore, researchers tend to solve this problem by changing its structure, configuring the original setting and enhancing the availability by augmenting its low-level DNS resolver. Such researches significantly improve the reliability and availability against that DoS attack. However, as the numerous solutions it has, there does not exist a standard way to achieve this problem. This paper gives a brief overview of DNS service, and review numerous recent researches tend to solve the DoS attack on DNS service.
منابع مشابه
Mitigating DoS Attacks against the DNS with Dynamic TTL Values
This paper describes and analyzes a new mechanism to mitigate flooding Denial of Service (DoS) attacks against the Domain Name System (DNS). This mechanism is based on increasing the Time To Live (TTL) value of end-host IP addresses (DNS A records) when a name server is being overloaded with DoS attack traffic. This mechanism is most suitable for popular name servers providing authoritative DNS...
متن کاملThe Case for Pushing DNS
The Domain Name System (DNS, [2]) has long been a critical part of the Internet infrastructure. The successful Denial-of-Service (DoS) attacks against Microsoft’s DNS servers in 2001 and the unsuccessful DoS attacks on the root name servers in 2002 have raised concerns about the vulnerability of the DNS. Operators responded by hardening the infrastructure, and using BGP anycast to replicate the...
متن کاملA Simple Approach to DNS DoS Defense
We consider DoS attacks on DNS where attackers flood the nameservers of a zone to disrupt resolution of resource records belonging to the zone and consequently, any of its sub-zones. We argue that a minor change in the caching behavior of DNS resolvers can significantly mitigate the impact of such attacks. In our proposal, DNS resolvers do not completely evict cached records whose TTL has expir...
متن کاملDenial-of-service detection and mitigation for SIP communication networks
The Session Initiation Protocol (SIP) is the multimedia communication protocol of the future. Used for Voice-over-IP (VoIP), Internet Multimedia Subsystem (IMS) and Internet Protocol Television (IPTV), its concepts are based on mature and open standards and its use is increasing rapidly within recent years. However, with its acceptance as a mainstream communication platform, security concerns b...
متن کاملA hybrid multiobjective RBF-PSO method for mitigating DoS attacks in Named Data Networking
Named Data Networking (NDN) is a promising network architecture being considered as a possible replacement for the current IP-based (host-centric) Internet infrastructure. NDN can overcome the fundamental limitations of the current Internet, in particular, Denial-of-Service (DoS) attacks. However, NDN can be subject to new type of DoS attacks namely Interest flooding attacks and content poisoni...
متن کامل