Alleviating the Impact of DNS DDoS Attacks

Author

Wei-Min, Li ; Lu-Ying, Chen ; Zhen-Ming, Lei

Author_Institution

Sch. of Inf. & Commun. Eng. Technol., Beijing Univ. of Posts & Telecommun., Beijing, China

Volume

1

fYear

2010

fDate

24-25 April 2010

Firstpage

240

Lastpage

243

Abstract

The Domain Name System (DNS) is a critical fundamental service of the Internet that provides mapping between domain names and IP addresses. In the past few years, distributed denial of service (DDoS) attacks aimed at core DNS servers have caused huge losses. In this paper, we present a simple, practical scheme that can significantly reduce the extent of the DNS DDoS attacks. Firstly, we support that DNS servers should not clean-up TTL-expired domain-name records in the cache when they detected that relevant DNS servers are unavailable. Secondly, according to the data of 7-day DNS trace collected from three different DNS servers on the Internet, it shows that the DNS can still work well during DDoS attacks with a simple modification of the caching behavior.

Keywords

security of data; IP addresses; Internet, caching behavior; TTL-expired domain-name records; distributed denial of service attacks; domain name system; domain names; time-to-live value; Communications technology; Computer crime; Computer networks; Domain Name System; IP networks; Information security; Telecommunication computing; Web and internet services; Web server; Wireless communication; DNS; Denial of Service; caching behavior; keepalive;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference on

Conference_Location

Wuhan, Hubei

Print_ISBN

978-0-7695-4011-5

Electronic_ISBN

978-1-4244-6598-9

Type

conf

DOI

10.1109/NSWCTC.2010.63

Filename

5480637