About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
sesa 18(14): e3

Research Article

An On-Demand Defense Scheme Against DNS Cache Poisoning Attacks

Download1348 downloads
Cite
BibTeX Plain Text
  • @ARTICLE{10.4108/eai.15-5-2018.154771,
        author={Zheng Wang and Shui Yu and Scott Rose},
        title={An On-Demand Defense Scheme Against DNS Cache Poisoning Attacks},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={4},
        number={14},
        publisher={EAI},
        journal_a={SESA},
        year={2018},
        month={5},
        keywords={NS Security Extensions, DNS cache poisoning, model checking, query load, success rate.},
        doi={10.4108/eai.15-5-2018.154771}
    }
    
  • Zheng Wang
    Shui Yu
    Scott Rose
    Year: 2018
    An On-Demand Defense Scheme Against DNS Cache Poisoning Attacks
    SESA
    EAI
    DOI: 10.4108/eai.15-5-2018.154771
Zheng Wang1,*, Shui Yu2, Scott Rose1
  • 1: National Institute of Standards and Technology, Gaithersburg, MD 20899, USA
  • 2: School of Information Technology, Deakin University, Burwood, VIC 3125, Australia
*Contact email: zhengwang98@gmail.com

Abstract

The threats of caching poisoning attacks largely stimulate the deployment of DNSSEC. Being a strong but demanding cryptographical defense, DNSSEC has its universal adoption predicted to go through a lengthy transition. Thus the DNSSEC practitioners call for a secure yet lightweight solution to speed up DNSSEC deployment while offering an acceptable DNSSEC-like defense. This paper proposes a new On-Demand Defense (ODD) scheme against cache poisoning attacks, still using but lightly using DNSSEC. In the solution, DNS operates in DNSSEC-oblivious mode unless a potential attack is detected and triggers a switch to DNSSEC-aware mode. The modeling checking results demonstrate that only a small DNSSEC query load is needed by the ODD scheme to ensure a small enough cache poisoning success rate.

Keywords
NS Security Extensions, DNS cache poisoning, model checking, query load, success rate.
Accepted
2018-04-23
Published
2018-05-15
Publisher
EAI
http://dx.doi.org/10.4108/eai.15-5-2018.154771

Copyright © 2018 Zheng Wang et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.

EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL