University of Twente Student Theses

Login

Resilience of DNS infrastructure against DDoS attacks

Chattopadhyay, A. (2022) Resilience of DNS infrastructure against DDoS attacks.

[img]

PDF
2MB

Abstract:	The Domain Name System (DNS) performs the crucial task of mapping human-readable domain names to machine-readable IP addresses. Disruption in this service can lead to widespread latency or failure in accessing websites, web applications, email services, etc. Denial of Service (DoS) attacks on the DNS infrastructure disrupt operations on victim name servers either by choking its network or exhausting its computational resources. Prior studies have investigated well-known DoS attack incidents, including the defenses within DNS for mitigation, either via simulated experiments or measurements on a small subset of the DNS landscape. However, a joint study of the effects of DoS attacks observed in the wild, together with the effectiveness of deployed countermeasures in the global DNS infrastructure is still missing. This paper presents an overview on the operations of the global DNS infrastructure and the efficacy of its defenses in the face of DoS attacks detected in the wild. To achieve this, we fuse data from two independent large-scale measurement systems, one inferring attack activity from a large network telescope and another consisting of active DNS measurements. Our data spans a period of one year, thus providing large-scale observations of DoS attacks, allowing us to gauge at the visible degradation of DNS resolution times consequent to attacks, as well as the effectiveness of resilience techniques deployed in DNS.
Item Type:	Essay (Master)
Faculty:	EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:	54 computer science
Programme:	Computer Science MSc (60300)
Link to this item:	https://purl.utwente.nl/essays/89768
Export this item as:	BibTeX EndNote HTML Citation Reference Manager

Show download statistics for this publication

Repository Staff Only: item control page