Proposal and Prototype of DNS Server Firewall with Flexible Response Control Mechanism
- https://doi.org/10.2991/ijndc.k.191121.001How to use a DOI?
- Internet security, Domain Name System (DNS), Distributed Denial of Service (DDoS).
Domain Name System (DNS) is an important system for the Internet communication. DNS is a system for distributed management and operation of domain names, and it is possible to associate with the resources such as IP address, instruct the destination host of the e-mail, and so on. On the one hand, it is very serious problem that the damage caused by the service of the DNS server being stopped, and stable operation of the DNS server is essential for stable operation of the Internet. DNS servers may be illegally accessed to make it target or springboard server for attacks such as Distributed Denial of Service (DDos) attacks and DNS reflector attacks. In this paper, we show the analysis of the queries received by our university DNS server. In addition, we propose the method to suppress attacks to DNS servers by deploying the system to monitor access from DNS clients and adaptively manipulating responses of queries from attackers in front of the DNS server based on the analysis. Moreover, we developed the prototype system and evaluated performance of it.
- © 2019 The Authors. Published by Atlantis Press SARL.
- Open Access
- This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR AU - Hideo Masuda AU - Shun Segawa AU - Masayuki Mori PY - 2019 DA - 2019/12 TI - Proposal and Prototype of DNS Server Firewall with Flexible Response Control Mechanism JO - International Journal of Networked and Distributed Computing SP - 34 EP - 40 VL - 8 IS - 1 SN - 2211-7946 UR - https://doi.org/10.2991/ijndc.k.191121.001 DO - https://doi.org/10.2991/ijndc.k.191121.001 ID - Masuda2019 ER -