International Journal of Networked and Distributed Computing

Volume 8, Issue 1, December 2019, Pages 34 - 40

Proposal and Prototype of DNS Server Firewall with Flexible Response Control Mechanism

Authors
Hideo Masuda1, *, Shun Segawa2, Masayuki Mori1
1Center for Information Science, Kyoto Institute of Technology, 1 Matsugasaki-Hashikami-cho, Sakyo-ku, Kyoto 606-8585, Japan
2Department of Information Science, Kyoto Institute of Technology, 1 Matsugasaki-Hashikami-cho, Sakyo-ku, Kyoto 606-8585, Japan
*Corresponding author. Email: h-masuda@kit.ac.jp
Corresponding Author
Hideo Masuda
Received 13 April 2019, Accepted 18 May 2019, Available Online 6 December 2019.
DOI
https://doi.org/10.2991/ijndc.k.191121.001How to use a DOI?
Keywords
Internet security, Domain Name System (DNS), Distributed Denial of Service (DDoS).
Abstract

Domain Name System (DNS) is an important system for the Internet communication. DNS is a system for distributed management and operation of domain names, and it is possible to associate with the resources such as IP address, instruct the destination host of the e-mail, and so on. On the one hand, it is very serious problem that the damage caused by the service of the DNS server being stopped, and stable operation of the DNS server is essential for stable operation of the Internet. DNS servers may be illegally accessed to make it target or springboard server for attacks such as Distributed Denial of Service (DDos) attacks and DNS reflector attacks. In this paper, we show the analysis of the queries received by our university DNS server. In addition, we propose the method to suppress attacks to DNS servers by deploying the system to monitor access from DNS clients and adaptively manipulating responses of queries from attackers in front of the DNS server based on the analysis. Moreover, we developed the prototype system and evaluated performance of it.

Copyright
© 2019 The Authors. Published by Atlantis Press SARL.
Open Access
This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)
View full text (HTML)

Journal
International Journal of Networked and Distributed Computing
Volume-Issue
8 - 1
Pages
34 - 40
Publication Date
2019/12
ISSN (Online)
2211-7946
ISSN (Print)
2211-7938
DOI
https://doi.org/10.2991/ijndc.k.191121.001How to use a DOI?
Copyright
© 2019 The Authors. Published by Atlantis Press SARL.
Open Access
This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - JOUR
AU  - Hideo Masuda
AU  - Shun Segawa
AU  - Masayuki Mori
PY  - 2019
DA  - 2019/12
TI  - Proposal and Prototype of DNS Server Firewall with Flexible Response Control Mechanism
JO  - International Journal of Networked and Distributed Computing
SP  - 34
EP  - 40
VL  - 8
IS  - 1
SN  - 2211-7946
UR  - https://doi.org/10.2991/ijndc.k.191121.001
DO  - https://doi.org/10.2991/ijndc.k.191121.001
ID  - Masuda2019
ER  -