• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.41-50
• /
• 2011

DNS(Domain Name System) is the Name Resolution Mechanism that makes conversion from a Domain Name of a computer on the Internet to an IP Address or the reverse conversion. In this paper we researched on the Foundation techniques of Fault-tolerant DNS Servers that the secondary DNS can take over and provide continuous services even though primary DNS stops due to some critical errors.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.90-100
• /
• 2013

Active-Standby Duplication Techniques are conventionally used for fault-tolerant systems. But in this paper we researched on the Active-Active Duplication Techniques for Fault-tolerant DNS System. Our Active-Active Duplication made the 1st DNS periodically copied to the 2nd DNS and maintained the same status by using Rsync and Crontab. Even though the 1st or the 2nd DNS stops due to some critical errors, the remaining DNS can take over and provide continuous services.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.36-46
• /
• 2019

The number of hosts connected to the Internet has increased dramatically, introducing the Domain Name System(DNS) in 1984. DNS is now an important key point for all users of the Internet by allowing them to use a convenient character address without memorizing a series of numbers of complex IP address. However, relative to the importance of DNS, there still exist many problems such as the authorization allocation issue, the disputes over public registration, security vulnerability such as DNS cache poisoning, DNS spoofing, man-in-the-middle attack, DNS amplification attack, and the need for many domain names in the age of hyper-connected networks. In this paper, to effectively improve these problems of existing DNS, we proposed a method of implementing DNS using distributed ledger technology, blockchain, and implemented using a Ethereum-based platform. In addition, the qualitative analysis performance comparative evaluation of the existing domain name registration and domain name server was conducted, and conducted security assessments on the proposed system to improve security problem of existing DNS. In conclusion, it was shown that DNS services could be provided high security and high efficiently using blockchain.

• 전자공학회논문지 IE
• /
• v.44 no.1
• /
• pp.20-26
• /
• 2007

Most researches on the mobile ad hoc network (MANET) have been focused on routing protocols, but for the real service provision DNS(Domain Name System) has to be supported first. Due to the inherent characteristics of the mobile ad hoc network, the DNS of the wired network is assumed to be not good for the MANET environment. The approach of distributed DNSs can easily adapt to the node mobility, but incurs the name conflict resolution overhead. On the other hand, the centralized approach performs the name resolution based on the unicast communication without causing the name conflict resolution overhead. The most important issue of the centralized approach is to provide the seamless name resolution service under server mobility. Therefore, in this paper, we propose a new centralized DNS, Manet DNS, which works efficiently on name allocation and management and solves the network merging and partitioning problem as well as providing the seamless name resolution service.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37B no.11
• /
• pp.1082-1089
• /
• 2012

Recent malicious attempts in Cyber space are intended to emerge national threats such as Suxnet as well as to get financial benefits through a large pool of comprised botnets. The evolved botnets use the Domain Name System(DNS) to communicate with the C&C server and zombies. DNS is one of the core and most important components of the Internet and DNS traffic are continually increased by the popular wireless Internet service. On the other hand, domain names are popular for malicious use. This paper studies on DNS-based cyber threats domain detection by data classification based on supervised learning. Furthermore, the developed cyber threats domain detection system using DNS traffic analysis provides collection, analysis, and normal/abnormal domain classification of huge amounts of DNS data.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.10
• /
• pp.2750-2763
• /
• 2012

The Domain Name System (DNS) is a critical Internet infrastructure that provides name to address mapping services. In the past decade, Denial-of-Service (DoS) attacks have targeted the DNS infrastructure and threaten to disrupt this critical service. While the flooding DoS attacks may be alleviated by the DNS caching mechanism, we show in this paper that flooding DoS attacks utilizing name error queries is capable of bypassing the cache of resolvers and thereby impose overwhelming flooding attacks on the name servers. We analyze the impacts of such DoS attacks on both name servers and resolvers, which are further illustrated by May 19 China's DNS Collapse. We also propose the detection and defense approaches for protecting DNS servers from such DoS attacks. In the proposal, the victim zones and attacking clients are detected through monitoring the number of corresponding responses maintained in the negative cache. And the attacking queries can be mitigated by the resolvers with a sample proportion adaptive to the percent of queries for the existent domain names. We assess risks of the DoS attacks by experimental results. Measurements on the request rate of DNS name server show that this kind of attacks poses a substantial threat to the current DNS service.

• KIPS Transactions on Computer and Communication Systems
• /
• v.1 no.1
• /
• pp.55-60
• /
• 2012

Recent botnets are widely using the DNS services at the connection of C&C server in order to evade botnet's detection. It is necessary to study on DNS analysis in order to counteract anomaly-based technique using the DNS. This paper studies collection of DNS traffic for experimental data and supervised learning for DNS traffic-based malicious domain classification such as query of domain name corresponding to C&C server from zombies. Especially, this paper would aim to determine significant features of DNS-based classification system for malicious domain extraction by the Principal Component Analysis(PCA).

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.4
• /
• pp.95-105
• /
• 2010

DNS(Domain Name System) is a huge distributed database that converts host name to IP address. We are expecting the importance of DNS is more increased because many Internet application services appear according to the continuous increase of Internet users and nearly all the Internet application services use DNS. To prevent the interruption of DNS service, DNS server is configured with primary DNS server and a secondary DNS server which takes the place of primary DNS server in case of the service interruption. But this scheme is difficult for providing DNS service constantly in case of DDoS attack, which brings about much network load or network problems in DNS server group. Therefore, This paper proposed the scheme to locally distribute load of DNS server, and the use of address system to group the distributed DNS servers. Also, it proposed the authentication scheme of the correspondent server in case the server is changed in DNS server group having grouping address. In this paper, it is shown that the prosed scheme guarantees the improved service reliability with maintaining the present service performance through the evaluation. Through this, we can expect the high improved DNS service can be provided in the Internet environment in the future.

• Journal of Convergence for Information Technology
• /
• v.9 no.9
• /
• pp.52-57
• /
• 2019

DNS stands for 'Domain Name System' and uses IP addresses to identify devices connected to the network on the network. IP is a protocol that registers and manages aliases such as IPs because it is difficult for general users to remember. In recent years, the abuse of such DNS is increasing abroad, and behind the scenes, called 'DNS pionage,' are developing and evolving new rules and malware. DNSpionage attack is abusing DNS system such as Increasing hacking success rate, leading to fake sites, changing or forged data. As a result it is increasing the damage cases. As the global DNS system is expanding to the extent that it is out of control. Therefore, in this research, the countermeasures of DNSpionage attack is proposed to contribute to build a secure and efficient DNS system.

• The Journal of the Korea Contents Association
• /
• v.7 no.12
• /
• pp.273-282
• /
• 2007

The Domain Name System (DNS) is the core system for managing Internet address resources, providing the most fundamental naming service. Currently, the DNS is classified into a tree structure. In this structure, it is difficult to normally access to the lower DNS, when there is an error in the upper DNS. Such a risk still remains even when a supplementary DNS is operated. However, due to the merit of the DNS enabling fast searches, it is impracticable to abandon the current tree structure. To efficiently correspond to DNS errors, this study suggests a method where the merit of the current tree structure is kept, while a temporary operation of the local DNS is available when errors occur by adding a horizontal and independent DNS structure.