بایگانی برچسب برای: DNS

Enhancing DNS Security using[taliem.ir]

Enhancing DNS Security using Dynamic Firewalling with Network Agents

In this paper we propose a solution to strengthen the security of Domain Name System (DNS) servers associated with one or more Top Level Domains (TLD). In this way we intend to be able to reduce the security risk when using major internet services, based on DNS. The proposed solution has been developed and tested at FCCN, the TLD manager for the .PT domain. Through the implementation of network sensors that monitor the network in real-time, we are capable to dynamically prevent, detect or limit the scope of attempted intrusions or other types of occurrences to the DNS service. The platform relies heavily on cross- correlation allowing data from a particular sensor to be shared with the others. Administration tasks such as setting up alarms or performing statistical analysis are made through a web-based interface.
A SECURE DOMAIN NAME SYSTEM BASED ON INTRUSION TOLERANCE[taliem.ir]

A SECURE DOMAIN NAME SYSTEM BASED ON INTRUSION TOLERANCE

DNS was not designed to be secure. The biggest security hole in DNS is the lack of support for data integrity authentication, source authentication, and authorization. In this paper, a secure DNS scheme based on intrusion tolerance is proposed. This secure DNS is intrusion-tolerant by using Byzantine intrusion tolerant technique and voting mechanism. The scheme provides high integrity, robustness, and availability of service in the presence of arbitrary failures including failures due to malicious attacks. The proposed scheme consists of 3f+1 tightly coupled replicas per name server and guarantees safety and liveness properties of the system assuming no more than f replicas are faulty. By adding authentification of client and using symmetric key cryptography, the system guarantees a secure communication mechanism by providing a way to detect whether DNS data has been corrupted during communication over the Internet .Experimental results show that the scheme can provide a much higher degree of security and reliability, as well or even better than an implementation of the DNS security extension.
A Fair Solution to DNS Amplification Attacks[taliem.ir]

A Fair Solution to DNS Amplification Attacks

Recent serious security incidents reported several attackers employing IP spoofing to massively exploit recursive name servers to amplify DDoS attacks against numerous networks. DNS amplification attack scenarios utilize DNS servers mainly for performing bandwidth consumption DoS attacks. This kind of attack takes advantage of the fact that DNS response messages may be substantially larger than DNS query messages. In this paper we present a novel, simple and practical scheme that enable administrators to distinguish between genuine and falsified DNS replies. The proposed scheme, acts proactively by monitoring in real time DNS traffic and alerting security supervisors when necessary. It also acts reactively in co- operation with the firewalls by automatically updating rules to ban bogus packets. Our analysis and the corresponding experimental results show that the proposed scheme offers an effective solution, when the specific attack unfolds.