Page 41 - Read Online
P. 41

Kim et al. J Surveill Secur Saf 2020;1:34-60                 Journal of Surveillance,
               DOI: 10.20517/jsss.2020.14                                        Security and Safety




               Original Article                                                              Open Access


               A survey of domain name system vulnerabilities and
               attacks



               Tae Hyun Kim, Douglas Reeves

               Department of Computer Science, North Carolina State University, Raleigh, NC 27695, USA.
               Correspondence to:  Prof. Douglas Reeves, Department of Computer Science, North Carolina State University, Raleigh, NC
               27695, USA. E-mail: reeves@ncsu.edu

               How to cite this article: Kim TH, Reeves D. A survey of domain name system vulnerabilities and attacks. J Surveill Secur Saf
               2020;1:34-60. http://dx.doi.org/10.20517/jsss.2020.14

               Received: 20 Apr 2020    First Decision: 9 Jun 2020    Revised: 13 Jul 2020    Accepted: 20 Jul 2020    Available online: 12 Sep 2020

               Academic Editor: Fei Gao    Copy Editor: Cai-Hong Wang    Production Editor: Jing Yu


               Abstract
               Aim: The Domain Name System (DNS) plays an integral role in the functionality of the Internet. Clients receive
               Internet service by mapping domain names into internet protocol addresses, which are routable. DNS provides a
               scalable and flexible name resolution service to clients easily and quickly. However, DNS was initially developed
               without security, and the information is not secured. Although DNS security extensions was released in 1999 to
               protect against vulnerabilities, it is not widely deployed, and DNS continues to suffer from a variety of attacks. The
               purpose of this study is to provide a comprehensive survey of DNS security.

               Methods: We describe an overview of DNS vulnerabilities, DNS attacks, and even mitigation systems. In detail,
               attacks are classified by purpose and methods for defending against these attacks are introduced and assessed.
               Finally, we conclude with a summary of the current state of DNS security.


               Results: The main findings of this study is to introduce fundamental vulnerabilities of DNS and classify
               representative DNS attacks into four categories to efficiently analyze them. Moreover, we describe and assess
               mitigation systems to defense these attacks.

               Conclusion: We conclude that DNS is an integral part of Internet operations but is still exposed to various attacks
               due to its vulnerabilities, low deployment of available mitigation techniques, and limitations of such techniques.


               Keywords: Survey paper, Domain Name System, DNSSESC, network security, DNS attacks, DNS mitigation system



                           © The Author(s) 2020. Open Access This article is licensed under a Creative Commons Attribution 4.0
                           International License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use,
                sharing, adaptation, distribution and reproduction in any medium or format, for any purpose, even commercially, as long
                as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license,
                and indicate if changes were made.


                                                                                                                                                  www.jsssjournal.com
   36   37   38   39   40   41   42   43   44   45   46