Sciweavers

IEEEARES
2006
IEEE

Securing DNS Services through System Self Cleansing and Hardware Enhancements

13 years 9 months ago
Securing DNS Services through System Self Cleansing and Hardware Enhancements
-- Domain Name Systems (DNS) provide the mapping between easily-remembered host names and their IP addresses. Popular DNS implementations however contain vulnerabilities that are exploited by frequent, targeted attacks. The software vulnerabilities of DNS together with the constant innovation and morphing of cyber attack techniques necessitate the consideration of the worst case scenarios: there will be successful but undetected attacks against DNS servers. In this work1 we develop a secure DNS architecture that contains the damage of successful, undetected attacks. This formidable end is achieved by constantly cleansing the servers and rotating the role of individual servers. Moreover, the server rotation process itself is protected against corruption by hardware. We will show the advantages of our design in the following areas: (1) protection of the DNS master file and cryptographic keys, (2) incorruptible intrusion tolerance, (3) high availability, and (4) scalability, the support o...
Yih Huang, David Arsenault, Arun Sood
Added 11 Jun 2010
Updated 11 Jun 2010
Type Conference
Year 2006
Where IEEEARES
Authors Yih Huang, David Arsenault, Arun Sood
Comments (0)