Kunitaka Kakoi, Yong Jin, N. Yamai, Naoya Kitagawa, M. Tomoishi
{"title":"基于多线程的客户端DNSSEC验证报警系统的缓存功能激活","authors":"Kunitaka Kakoi, Yong Jin, N. Yamai, Naoya Kitagawa, M. Tomoishi","doi":"10.1109/COMPSAC.2017.78","DOIUrl":null,"url":null,"abstract":"Domain Name System (DNS) is one of the most important services of the Internet since most communications normally begin with domain name resolutions provided by DNS. However, DNS has vulnerability against some kind of attacks such as DNS spoofing, DNS cache poisoning, and so on. DNSSEC is an security extension of DNS to provide secure name resolution services by using digital signature based on public key cryptography. However, there are several problems with DNSSEC such as failing resolution in case of validation failure, increasing the load of DNS full resolver, and so on. To mitigate these problems, we proposed a Client Based DNSSEC Validation System. This system performs DNSSEC validation on the client, and in case of validation failure, it forwards the failed response and alerts the user to the fact. However, this system has a problem that it inactivates the cache function of validation library so that it always performs DNSSEC validation even for the same query. In this paper, we report how to solve this problem by multithreading of DNSSEC validation system.","PeriodicalId":6556,"journal":{"name":"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)","volume":"02 1","pages":"37-42"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Cache Function Activation on a Client Based DNSSEC Validation and Alert System by Multithreading\",\"authors\":\"Kunitaka Kakoi, Yong Jin, N. Yamai, Naoya Kitagawa, M. Tomoishi\",\"doi\":\"10.1109/COMPSAC.2017.78\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Domain Name System (DNS) is one of the most important services of the Internet since most communications normally begin with domain name resolutions provided by DNS. However, DNS has vulnerability against some kind of attacks such as DNS spoofing, DNS cache poisoning, and so on. DNSSEC is an security extension of DNS to provide secure name resolution services by using digital signature based on public key cryptography. However, there are several problems with DNSSEC such as failing resolution in case of validation failure, increasing the load of DNS full resolver, and so on. To mitigate these problems, we proposed a Client Based DNSSEC Validation System. This system performs DNSSEC validation on the client, and in case of validation failure, it forwards the failed response and alerts the user to the fact. However, this system has a problem that it inactivates the cache function of validation library so that it always performs DNSSEC validation even for the same query. In this paper, we report how to solve this problem by multithreading of DNSSEC validation system.\",\"PeriodicalId\":6556,\"journal\":{\"name\":\"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)\",\"volume\":\"02 1\",\"pages\":\"37-42\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COMPSAC.2017.78\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC.2017.78","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cache Function Activation on a Client Based DNSSEC Validation and Alert System by Multithreading
Domain Name System (DNS) is one of the most important services of the Internet since most communications normally begin with domain name resolutions provided by DNS. However, DNS has vulnerability against some kind of attacks such as DNS spoofing, DNS cache poisoning, and so on. DNSSEC is an security extension of DNS to provide secure name resolution services by using digital signature based on public key cryptography. However, there are several problems with DNSSEC such as failing resolution in case of validation failure, increasing the load of DNS full resolver, and so on. To mitigate these problems, we proposed a Client Based DNSSEC Validation System. This system performs DNSSEC validation on the client, and in case of validation failure, it forwards the failed response and alerts the user to the fact. However, this system has a problem that it inactivates the cache function of validation library so that it always performs DNSSEC validation even for the same query. In this paper, we report how to solve this problem by multithreading of DNSSEC validation system.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
