• DocumentCode
    2415150
  • Title

    Security vulnerabilities in DNS and DNSSEC

  • Author

    Ariyapperuma, Suranjith ; Mitchell, Chris J.

  • Author_Institution
    Inf. Security Group, London Univ., Egham
  • fYear
    2007
  • fDate
    10-13 April 2007
  • Firstpage
    335
  • Lastpage
    342
  • Abstract
    We present an analysis of security vulnerabilities in the domain name system (DNS) and the DNS security extensions (DNSSEC). DNS data that is provided by name servers lacks support for data origin authentication and data integrity. This makes DNS vulnerable to man in the middle (MITM) attacks, as well as a range of other attacks. To make DNS more robust, DNSSEC was proposed by the Internet Engineering Task Force (IETF). DNSSEC provides data origin authentication and integrity by using digital signatures. Although DNSSEC provides security for DNS data, it suffers from serious security and operational flaws. We discuss the DNS and DNSSEC architectures, and consider the associated security vulnerabilities
  • Keywords
    Internet; cryptography; data integrity; digital signatures; Internet Engineering Task Force; cryptography; data integrity; data origin authentication; digital signature; domain name system security extensions; name servers; security vulnerabilities; Authentication; Availability; Computer crime; Data security; Databases; Digital signatures; File servers; Information analysis; Information security; TCPIP;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    0-7695-2775-2
  • Type

    conf

  • DOI
    10.1109/ARES.2007.139
  • Filename
    4159821
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2415150