BITS Faculty Publications

  • Item
    Secure domain name service in software defined network
    (IEEE, 2017) Gupta, Vishal
    Domain Name Service (DNS) is an important service generally used by other application layer protocols of the TCP/IP protocol stack. These protocols use DNS to translate a human-readable web address into a machine-readable IP address, which is then used by other protocols of the network stack for communication between computers over the network. The correctness of DNS translation cannot be compromised, as it may lead to insecure transactions within the network. Because of this, DNS is generally a soft target for attackers and is vulnerable to different security threats, including DNS spoofing, DNS cache poisoning, etc. Many solutions for such threats have been proposed for traditional IP networks. In this paper we discuss security loopholes in DNS and propose a solution for them in a Software Defined Network (SDN) environment.
  • Item
    KarmaNet: SDN Solution to DNS-Based Denial-of-Service
    (Springer, 2019-01) Gupta, Vishal
    Networks are fundamentally designed to efficiently share network resources among end-users. The Internet has facilitated a global communication and computational environment by interconnecting billions of computers. People depend on the Internet to share professional, personal, confidential, and valuable information with other network users. Because of this high dependency of users, attackers often exploit its weaknesses to paralyze crucial segments of the Internet. The Domain Name System (DNS) is one such segment whose proper functioning is crucial for the Internet to function properly. Attackers often exploit vulnerabilities of the Internet and DNS to launch large-scale Distributed Denial of Service (DDoS) attacks and disrupt network services. Such DNS-based DDoS attacks generally use IP spoofing to bombard the target network/host so as to paralyze it with attack packets. In this paper we present a novel DDoS attack prevention mechanism that utilizes the flexibility and programmability aspects of Software Defined Networks (SDN). The principal philosophy behind it is to route DNS response packets along the same path that was used by the corresponding DNS request packet. Such routing is independent of the destination IP address present in the packet. This way, the malicious host responsible for launching the DDoS attack will self-destruct. The results of the simulation showed that KarmaNet reduced the network delay by 41% when the network was experiencing a DDoS attack. Also, as any security mechanism comes at a cost, simulations of the proposed mechanism show that it also introduced an additional delay of 8%–9% in getting DNS responses as compared to the current DNS structure.
  • Item
    DNS Amplification Based DDoS Attacks in SDN Environment: Detection and Mitigation
    (IEEE, 2019) Gupta, Vishal; Kulshrestha, Rakhee
    Domain Name System (DNS) amplification based Distributed Denial of Service (DDoS) attacks have been part of the Internet's history for a long time. Since the inception of the Internet protocol, several security measures, improved protocols, and hardware have been developed, but there still is no foolproof way to avoid such DDoS attacks. Attackers have used them to congest networks and servers with the aim of disrupting services, which in turn leads to huge financial losses. The Software-Defined Network (SDN) environment has evolved as a promising alternative to legacy networks. It essentially gives the underlying network an external controller (brain) that makes the respective network layer devices centrally programmable. This gives administrators absolute control over the network, to decide and take action on how each and every packet in the network should move around. It is predicted as the future of computer networking, able to thwart major cyberattacks with nearly full autonomy over the network. Through this research, it is intended to identify and mitigate DNS amplification based DDoS attacks in such an environment. A middle-layer third-party solution is proposed to protect an organization's network by offloading the attack to an OpenFlow-enabled SDN network. Detection and mitigation of an attack are performed using a Bloom filter as the defense mechanism.
  • Item
    Prevention and Mitigation of DNS based DDoS attacks in SDN Environment
    (IEEE, 2019) Gupta, Vishal
    A Denial-of-Service (DoS) attack is an attack on a network in which an attacker tries to disrupt the availability of network resources by overwhelming the target network with attack packets. In a DoS attack this is typically done using a single source, and in a Distributed Denial-of-Service (DDoS) attack, as the name suggests, multiple sources are used to flood the victim with incoming traffic. Typically, such attacks use vulnerabilities of the Domain Name System (DNS) protocol and IP spoofing to disrupt the normal functioning of a service provider or Internet user. Attacks involving DNS, or attacks exploiting vulnerabilities of DNS, are known as DNS based DDoS attacks. Many of the proposed DNS based DDoS solutions try to prevent/mitigate such attacks using some intelligent non-“network layer” (typically application layer) protocols. Utilizing the flexibility and programmability aspects of Software Defined Networks (SDN), this proposed doctoral research intends to make the underlying network intelligent enough to prevent DNS based DDoS attacks.