| Presentation | 2020-04-16 A Proposal of FQDN-based Whitelist Filter on DNS Cache Server against DNS Water Torture Attack Keita Hasegawa, Daishi Kondo, Hideki Tode, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | A Distributed Denial of Service (DDoS) attack is a major social issue, and as one of the DDoS incidents, a Domain Name Service (DNS) DDoS attack against Dyn DNS, which is a DNS provider, caused the outage of several web services in 2016. This paper tackles a DNS water torture attack that was observed in the Dyn cyberattack. In the DNS water torture attack, attackers create a large number of unique Fully Qualified Domain Names (FQDNs) with random labels, send them to DNS cache servers and authoritative DNS servers, and collapse these servers. In order to reduce an impact of this attack, serverd on a countermeasures on DNS cache servers have been presented. However, one serious drawback of conventional countermeasures is that they cannot detect malicious DNS queries generated by an advanced DNS water torture attack, and therefore, the threat of this attack still remains. Against this disadvantage, we propose an FQDN-based whitelist filter that registers actually existed FQDNs and drops non-existed FQDNs that are created by the attackers. This whitelist can reduce a negative impact by falsely dropping legitimate DNS queries while eliminating malicious ones. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | DNS Water Torture Attack / DNS Cache Server / FQDN / Whitelist Filter |
| Paper # | NS2020-2 |
| Date of Issue | 2020-04-09 (NS) |
| Conference Information | |
| Committee | NS |
|---|---|
| Conference Date | 2020/4/16(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | KAIKYO MESSE SHIMONOSEKI |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Traffic, Network evaluation, Performance, Resource control and management, Traffic engineering, Network reliability and resilience, Network Intelligence and AI, etc. |
| Chair | Yoshikatsu Okazaki(NTT) |
| Vice Chair | Akihiro Nakao(Univ. of Tokyo) |
| Secretary | Akihiro Nakao(Osaka Pref Univ.) |
| Assistant | Shinya Kawano(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Network Systems |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Proposal of FQDN-based Whitelist Filter on DNS Cache Server against DNS Water Torture Attack |
| Sub Title (in English) | |
| Keyword(1) | DNS Water Torture Attack |
| Keyword(2) | DNS Cache Server |
| Keyword(3) | FQDN |
| Keyword(4) | Whitelist Filter |
| 1st Author's Name | Keita Hasegawa |
| 1st Author's Affiliation | Osaka Prefecture University(OPU) |
| 2nd Author's Name | Daishi Kondo |
| 2nd Author's Affiliation | Osaka Prefecture University(OPU) |
| 3rd Author's Name | Hideki Tode |
| 3rd Author's Affiliation | Osaka Prefecture University(OPU) |
| Date | 2020-04-16 |
| Paper # | NS2020-2 |
| Volume (vol) | vol.120 |
| Number (no) | NS-4 |
| Page | pp.pp.7-12(NS), |
| #Pages | 6 |
| Date of Issue | 2020-04-09 (NS) |