TU Berlin

Internet Network ArchitecturesAll Publications

Page Content

to Navigation

All publications

Motivation for Behaviour-Based DNS Security: a Taxonomy of DNS-Related Internet Threats
Citation key C-MBBDNTDRIT-07
Title of Book Proceedings of the International Conference on Emerging Security Information, Systems, and Technologies (SECURWARE '07)
Pages 36–41
Year 2007
DOI http://dx.doi.org/10.1109/SECUREWARE.2007.4385307
Address New York, NY, USA
Publisher IEEE
Abstract The Domain Name System is the largest distributed system in operation today and a critical infrastructure component that can be regarded as one nervous system of the current Internet. Because of its critical role DNS is involved in manifold Internet attacks both against the system itself or other Internet hosts. This paper presents an exhaustive analysis of Internet threats involving the DNS classifying them in three categories: name server vulnerabilities, authenticity and integrity attacks, and consumption attacks. Attacks consuming Internet infrastructure resources are inadequately addressed today and from a network operator perspective they remain the major operational security issue. We show that many consumption attacks cause anomalies in DNS traffic, which implies that behaviour-based security on the name servers is a promising research area against this class of Internet attacks.
Download Bibtex entry


Quick Access

Schnellnavigation zur Seite über Nummerneingabe