DNS Flood Attack Mitigation Utilizing Hot-Lists and Stale Content Updates
The Domain Name System (DNS) has become a target of Distributed Denial of Service (DDoS) attacks. When a DNS server is under a DDoS flood attack, all the domain information under that server becomes unreachable, eventually making those domain names unavailable. In this paper, we propose a method that periodically updates stale content and maintains a list of the most frequently queried domain names of different DNS servers. Our simulation results show that our method can serve more than 70% of the total cache responses during a massive DNS Flood attack.
Keywords: DNS Flood, DDoS, Hot-lists, DNS Cache, Stale update
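The two ingredients named in the abstract, a hot-list of frequently queried names and a periodic update of stale cache content, can be modelled in a few lines. This is an added illustration, not the paper's algorithm or simulation; the class and function names, the 60-second TTL, the hot-list size and the sample zone are all assumptions made for the example.

```python
from collections import Counter

class HotListCache:
    """Resolver cache that keeps its most-queried names fresh (constructed model)."""
    def __init__(self, hot_size):
        self.hot_size = hot_size
        self.records = {}      # name -> (address, expires_at)
        self.hits = Counter()  # name -> query count, used to build the hot-list

    def hot_list(self):
        return [name for name, _ in self.hits.most_common(self.hot_size)]

    def resolve(self, name, now, upstream):
        """Answer from the cache while the TTL is valid, else ask upstream."""
        self.hits[name] += 1
        rec = self.records.get(name)
        if rec and rec[1] > now:
            return rec[0]
        return self._fetch(name, now, upstream)

    def refresh_stale(self, now, upstream):
        """Periodic job: re-fetch hot-list entries whose TTL has run out."""
        refreshed = []
        for name in self.hot_list():
            rec = self.records.get(name)
            if rec is None or rec[1] <= now:
                if self._fetch(name, now, upstream) is not None:
                    refreshed.append(name)
        return refreshed

    def _fetch(self, name, now, upstream):
        answer = upstream(name)  # None models an unreachable authoritative server
        if answer is None:
            return None
        address, ttl = answer
        self.records[name] = (address, now + ttl)
        return address

def simulate():
    # Constructed zone data: name -> (address, TTL in seconds).
    zone = {"a.example": ("192.0.2.1", 60), "b.example": ("192.0.2.2", 60),
            "c.example": ("192.0.2.3", 60)}
    healthy = zone.get                 # authoritative server answers normally
    flooded = lambda name: None        # authoritative server unreachable
    cache = HotListCache(hot_size=2)
    for name in ["a.example"] * 5 + ["b.example"] * 3 + ["c.example"]:
        cache.resolve(name, 0, healthy)
    cache.refresh_stale(now=90, upstream=healthy)  # every TTL expired at t=60
    # The flood starts before t=100, so only the cache can answer.
    return {name: cache.resolve(name, 100, flooded) for name in zone}
```

In this run the two hot-list names are still answered from the cache during the flood, while the rarely queried name, which was never refreshed, goes unresolved.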