
Kim et al. J Surveill Secur Saf 2020;1:34-60  I  http://dx.doi.org/10.20517/jsss.2020.14                                                               Page 37


































               Figure 2. Domain Name System structure


               2.1.2 DNS philosophy
               Technically, DNS is a hierarchical name server system built on a globally distributed database that
               holds information about each domain. The DNS information is stored in distributed DNS servers, and the
               information can be searched at any time upon user request.

               Figure 2 illustrates the hierarchical DNS structure via a common domain name. DNS begins with the
               .(Root) domain at the top. .com is a TLD (Top Level Domain) whose parent is the .(Root) domain. .google
               is an SLD (Second Level Domain) whose parent is the .com domain. Finally, .www (i.e., a web service) is a
               subdomain of .google.com.

               As the top level of DNS, Root name servers are a global network with 13 redundant servers located in
               various countries, which manage all TLDs. The TLD comprises two types: the country code Top Level
               Domain (ccTLD) and the general Top Level Domain (gTLD). The ccTLD stands for the country domain
               name, such as .kr (South Korea) and the gTLD stands for the general domain type, such as .com (Company)
               or .org (Organization). As the number of domains increased, the number of available TLDs became
               insufficient, and ICANN announced a new set of TLDs in 2014. Currently, the number of TLD servers
               around the world is approximately 1,500 (maintained by IANA). Such a vertical tree structure enables DNS
               not only to facilitate the management of each domain's information but also to distribute numerous DNS
               requests efficiently.
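
The hierarchy described above, as an added example that is not part of the original paper: a toy model in which each server knows only its own zone and the zones it delegates to, so a lookup has to walk from the root through the TLD to the SLD's server. Server names, the zone data and the 192.0.2.x address are constructed placeholders, and the two-letter rule for ccTLDs is a simplification.

```python
# Toy model of the DNS hierarchy: each server knows only its own zone.
# Constructed data: server names and the 192.0.2.x address are placeholders.
SERVERS = {
    "root":      {"zone": ".",           "delegates": {"com.": "tld-com", "kr.": "tld-kr"}},
    "tld-com":   {"zone": "com.",        "delegates": {"google.com.": "ns-google"}},
    "tld-kr":    {"zone": "kr.",         "delegates": {}},
    "ns-google": {"zone": "google.com.", "records": {"www.google.com.": "192.0.2.10"}},
}

def labels_from_root(name):
    """Return the chain of zones from the root down to the full name."""
    parts = name.rstrip(".").lower().split(".")
    chain = ["."]
    for i in range(len(parts) - 1, -1, -1):
        chain.append(".".join(parts[i:]) + ".")
    return chain

def tld_type(name):
    """Simplification: two-letter TLDs are ccTLDs, everything else a gTLD."""
    tld = name.rstrip(".").lower().split(".")[-1]
    return "ccTLD" if len(tld) == 2 and tld.isalpha() else "gTLD"

def resolve(name):
    """Walk the delegation chain from the root; return (address, servers asked)."""
    fqdn = name.rstrip(".").lower() + "."
    server, asked = "root", []
    while True:
        asked.append(server)
        info = SERVERS[server]
        if fqdn in info.get("records", {}):
            return info["records"][fqdn], asked
        # Follow the most specific delegation this server holds for the name.
        nxt = [z for z in info.get("delegates", {}) if fqdn == z or fqdn.endswith("." + z)]
        if not nxt:
            return None, asked  # nothing is delegated for this name below this zone
        server = info["delegates"][max(nxt, key=len)]
```

No single server holds the whole answer: the root only points at the TLD server, which in turn only points at the server for the SLD. That is how the tree spreads both management and query load.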

               The process of translating IP addresses to corresponding domain names through DNS is called name
               resolution or DNS resolution [1]. DNS resolution begins with a client’s DNS request. Figure 3 illustrates how
               a client obtains the IP address for a web server via DNS resolution, allowing it to receive web services.

               (1) A client requests the IP address of www.google.com from a local recursive DNS resolver.
               (2) The recursive DNS resolver first checks the address translation in its local cache.
               (3) If there is no information in the cache, the recursive DNS resolver requests the IP address of the TLD