A Multi-Path Approach to Protect DNS Against DDoS Attacks

Q3 Computer Science

Journal of Cyber Security and Mobility Pub Date : 2023-06-30 DOI:10.13052/jcsm2245-1439.1246

S. Alouneh

{"title":"A Multi-Path Approach to Protect DNS Against DDoS Attacks","authors":"S. Alouneh","doi":"10.13052/jcsm2245-1439.1246","DOIUrl":null,"url":null,"abstract":"Domain Name System (DNS) is considered a vital service for the internet and networks operations, and practically this service is configured and accessible across networks’ firewall. Therefore, attackers take advantage of this open configuration to attack a network’s DNS server in order to use it as a reflector to achieve Denial of Service (DoS) attacks. Most of protection methods such as intrusion prevention and detection systems use blended tactics such as blocked-lists for suspicious sources, and thresholds for traffic volumes to detect and defend against DoS flooding attacks. However, these protection methods are not often successful. In this paper, we propose a new method to sense and protect DNS systems from DoS and Distributed DoS (DDoS) attacks. The main idea in our approach is to distribute the DNS request mapping into more than one DNS resolver such that an attack on one server should not affect the entire DNS services. Our approach uses the Multi-Protocol Label Switching (MPLS) along with multi-path routing to achieve this goal. Also, we use threshold secret sharing to code the distributed DNS requests. Our findings and results show that this approach performs better when compared with the traditional DNS structure.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"9 1","pages":"569-588"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cyber Security and Mobility","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.13052/jcsm2245-1439.1246","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

Abstract

Domain Name System (DNS) is considered a vital service for the internet and networks operations, and practically this service is configured and accessible across networks’ firewall. Therefore, attackers take advantage of this open configuration to attack a network’s DNS server in order to use it as a reflector to achieve Denial of Service (DoS) attacks. Most of protection methods such as intrusion prevention and detection systems use blended tactics such as blocked-lists for suspicious sources, and thresholds for traffic volumes to detect and defend against DoS flooding attacks. However, these protection methods are not often successful. In this paper, we propose a new method to sense and protect DNS systems from DoS and Distributed DoS (DDoS) attacks. The main idea in our approach is to distribute the DNS request mapping into more than one DNS resolver such that an attack on one server should not affect the entire DNS services. Our approach uses the Multi-Protocol Label Switching (MPLS) along with multi-path routing to achieve this goal. Also, we use threshold secret sharing to code the distributed DNS requests. Our findings and results show that this approach performs better when compared with the traditional DNS structure.

查看原文本刊更多论文

多路径防御DDoS攻击

域名系统(DNS)被认为是互联网和网络运营的重要服务，实际上，这项服务是通过网络防火墙配置和访问的。因此，攻击者利用这种开放配置攻击网络的DNS服务器，将其作为反射器来实现拒绝服务(DoS)攻击。大多数防御方法，如入侵防御和检测系统，使用混合策略，如可疑源的阻止列表和流量阈值来检测和防御DoS洪水攻击。然而，这些保护方法往往不成功。本文提出了一种检测和保护DNS系统免受DoS和分布式DoS (DDoS)攻击的新方法。我们方法的主要思想是将DNS请求映射分布到多个DNS解析器中，这样对一个服务器的攻击就不会影响整个DNS服务。我们的方法使用多协议标签交换(MPLS)和多路径路由来实现这一目标。此外，我们还使用阈值秘密共享对分布式DNS请求进行编码。我们的研究结果表明，与传统的DNS结构相比，这种方法的性能更好。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cyber Security and Mobility Computer Science-Computer Networks and Communications

CiteScore

2.30

自引率

0.00%

发文量

期刊介绍： Journal of Cyber Security and Mobility is an international, open-access, peer reviewed journal publishing original research, review/survey, and tutorial papers on all cyber security fields including information, computer & network security, cryptography, digital forensics etc. but also interdisciplinary articles that cover privacy, ethical, legal, economical aspects of cyber security or emerging solutions drawn from other branches of science, for example, nature-inspired. The journal aims at becoming an international source of innovation and an essential reading for IT security professionals around the world by providing an in-depth and holistic view on all security spectrum and solutions ranging from practical to theoretical. Its goal is to bring together researchers and practitioners dealing with the diverse fields of cybersecurity and to cover topics that are equally valuable for professionals as well as for those new in the field from all sectors industry, commerce and academia. This journal covers diverse security issues in cyber space and solutions thereof. As cyber space has moved towards the wireless/mobile world, issues in wireless/mobile communications and those involving mobility aspects will also be published.