A cache-splitting scheme for DNS recursive server

Domain Name System (DNS) cache poisoning is a kind of computer hacking attack, whereby data are introduced into a DNS name server´s cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often controlled by the attacker). In this paper, a novel scheme is proposed in order to make the recursive server more intelligent to handle the cache poisoning attacks. The cache-splitting is adopted in the proposed scheme, in which the credible cache is used to maintain the trustful answers while the incredible cache is used to temporarily maintain the suspicious responses. After the possible attack disappears, the recursive server will resolute the names contained in the incredible cache once again and cache the new answers into the credible cache as usual. The analyzing results show that the recursive serer can handle the responses according to the actual conditions and make use of the caching to optimize the DNS resolutions at the same time.