Security enhancements to prevent DNS cache poisoning attacks
The Domain Name Server (DNS) serves very important role in today internet, by converting human readable domain or host name to computer readable Internet Protocol (IP) address. In recent years, vulnerabilities of the DNS had surface due to its lack of security upgrade. One of it is DNS Cache Poisoni...
Saved in:
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: |
2018
|
Subjects: | |
Online Access: | http://hdl.handle.net/10356/74889 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Nanyang Technological University |
Language: | English |
id |
sg-ntu-dr.10356-74889 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-748892023-07-07T15:54:58Z Security enhancements to prevent DNS cache poisoning attacks Chong, Soon Seng Ma Maode School of Electrical and Electronic Engineering DRNTU::Engineering The Domain Name Server (DNS) serves very important role in today internet, by converting human readable domain or host name to computer readable Internet Protocol (IP) address. In recent years, vulnerabilities of the DNS had surface due to its lack of security upgrade. One of it is DNS Cache Poisoning where attackers forcefully gain access to the names server and change the cache record, diverting users to malicious websites meant to steal confidential information for financial gain or ill-intent. DNSSEC has been introduced as a solution to DNS Cache Poisoning but has not been very popular with the internet community. One of the main reason was linked to extended loading time for website due to delays and errors caused by signature generation and validation required in DNSSEC, affecting user experience. The study attempt to compares the efficiency between Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC), algorithms used in DNSSEC digital signing, and proposed viable solution to resolve the slow uptakes issue of DNSSEC. By comparing query time for DNSSEC enabled websites using RSA and ECDSA, we can find out which algorithm are more efficient. The results obtained agree with theory and justify ECDSA to be a more efficient algorithm for use in DNSSEC due to its small key sizes and still providing the level of security needed. While using ECDSA could increase the speed of query time in DNS, further studies utilizing modern technologies such as Machine Learning integrated into the system can be done to improve the overall efficiency of DNS with DNSSEC. Bachelor of Engineering 2018-05-24T08:05:32Z 2018-05-24T08:05:32Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/74889 en Nanyang Technological University 35 p. application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering |
spellingShingle |
DRNTU::Engineering Chong, Soon Seng Security enhancements to prevent DNS cache poisoning attacks |
description |
The Domain Name Server (DNS) serves very important role in today internet, by converting human readable domain or host name to computer readable Internet Protocol (IP) address. In recent years, vulnerabilities of the DNS had surface due to its lack of security upgrade. One of it is DNS Cache Poisoning where attackers forcefully gain access to the names server and change the cache record, diverting users to malicious websites meant to steal confidential information for financial gain or ill-intent. DNSSEC has been introduced as a solution to DNS Cache Poisoning but has not been very popular with the internet community. One of the main reason was linked to extended loading time for website due to delays and errors caused by signature generation and validation required in DNSSEC, affecting user experience. The study attempt to compares the efficiency between Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC), algorithms used in DNSSEC digital signing, and proposed viable solution to resolve the slow uptakes issue of DNSSEC. By comparing query time for DNSSEC enabled websites using RSA and ECDSA, we can find out which algorithm are more efficient. The results obtained agree with theory and justify ECDSA to be a more efficient algorithm for use in DNSSEC due to its small key sizes and still providing the level of security needed. While using ECDSA could increase the speed of query time in DNS, further studies utilizing modern technologies such as Machine Learning integrated into the system can be done to improve the overall efficiency of DNS with DNSSEC. |
author2 |
Ma Maode |
author_facet |
Ma Maode Chong, Soon Seng |
format |
Final Year Project |
author |
Chong, Soon Seng |
author_sort |
Chong, Soon Seng |
title |
Security enhancements to prevent DNS cache poisoning attacks |
title_short |
Security enhancements to prevent DNS cache poisoning attacks |
title_full |
Security enhancements to prevent DNS cache poisoning attacks |
title_fullStr |
Security enhancements to prevent DNS cache poisoning attacks |
title_full_unstemmed |
Security enhancements to prevent DNS cache poisoning attacks |
title_sort |
security enhancements to prevent dns cache poisoning attacks |
publishDate |
2018 |
url |
http://hdl.handle.net/10356/74889 |
_version_ |
1772829156200939520 |