A Formal-Specification Based Approach for Protecting the Domain Name System

Many network applic ationsdep end on the security of the domain name system (DNS). A ttackson DNS can cause denial of service and entity authentication to fail. In our appr oach,we use formal speci c ations to characterize DNS clients and DNS name servers, and to de ne a security goal: A name server should only use DNS data that is consistent with data from name servers that manage the corresponding domains (i.e., authoritative name servers). T o enfor cethe security goal, we formally specify a DNS wrapper that examines the inc oming and the outgoing DNS messages of a name server to dete ctmessages that could cause violations of the security goal, coop erates with the c orresponding authoritative name servers to diagnose those messages, and drops the messages that are identi ed as thr eats. Based on the wrapper sp eci c ation,we implemented a wrapper prototyp eand evaluated its performance. Our experiments show that thewr apper incurs r easonableoverhead and is e e ctive againstDNS attacks such as cache poisoning and certain spoo ng