Title :
DoX: A Peer-to-Peer Antidote for DNS Cache Poisoning Attacks
Author :
Yuan, Lihua ; Kant, Krishna ; Mohapatra, Prasant ; Chuah, Chen-Nee
Author_Institution :
ECE, UC Davis. lyuan@ece.ucdavis.edu
Abstract :
The mapping service provided by the Domain Name System (DNS) is fundamental not only to the health of the Internet but also to the protection and integrity of the data. Recently, the DNS infrastructure has suffered several malicious attacks including DNS cache poisoning, which causes the DNS to return false name-to-IP mappings and can be used as a foothold for more insidious attacks. This paper proposes DoX, a peer-to-peer based scheme, to detect and correct inaccurate DNS records caused by cache poisoning attacks. DoX also helps DNS servers to improve cache consistency by detecting and removing obsolete records. DoX does not require modifications to the current infrastructure and can be deployed quickly. It does not use cryptographic techniques and thus does not suffer from the key management and processing overhead issues of those techniques.
Keywords :
Computer crime; Data security; Distributed databases; Domain Name System; Electronic mail; Peer to peer computing; Protection; Public key cryptography; Web and internet services; Web server;
Conference_Title :
Communications, 2006. ICC '06. IEEE International Conference on
Conference_Location :
Istanbul
Print_ISBN :
1-4244-0355-3
Electronic_ISBN :
8164-9547
DOI :
10.1109/ICC.2006.255120