Page 45 - Read Online
P. 45

Page 38                                                               Kim et al. J Surveill Secur Saf 2020;1:34-60  I  http://dx.doi.org/10.20517/jsss.2020.14






































                               Figure 3. DNS architecture. DNS: Domain Name System; gTLD: general Top Level Domain

               nameserver from the Root name server.
               (4) The Root name server sends back the IP address of the .com name server as a response.
               (5) Using this IP address, the recursive DNS Resolver requests the IP address of the SLD nameserver from
               the .com name server.
               (6) The .com name server sends back the IP address of the .google.com name server as a response.
               (7) With the IP address, the recursive DNS Resolver requests the IP address for www.google.com from the
               .google.com name server.
               (8) The .google.com name server sends back the own IP address of www.google.com to the recursive DNS
               resolver.
               (9) The recursive DNS resolver sends back the IP address of www.google.com to the client as a response.
               Finally, with the IP address (172.217.7.197 in this example), the client connects to the www.google.com
               server.

               The DNS framework consists of the following three parts:
               (1) Client: They request IP addresses with domain names through the stub resolver, a client of DNS, and
               transmits the request to the local DNS server address set on its device.
               (2) Local DNS Server (Recursive DNS Resolver): They receive the DNS query from clients and obtains the
               IP address for the domain name from domain name servers. Also, the IP address once found is stored in
               memory for a certain period. So, it is called Caching Resolver.
               (3) Domain Name Server (Authoritative Name Server): They have and manage IP addresses for the domain
               names as well as the information related to the IP addresses. The Authoritative Name Server is composed
               of more than 3-levels (Root, TLD, Lower-level Domain). Each domain server consists of a single master
               server and several slave servers.


               In addition to the basic information regarding IP addresses for domain names, DNS databases provide
               additional information for a variety of services. DNS resource records (RR) have additional information
   40   41   42   43   44   45   46   47   48   49   50