Design of security scheme to prevent DNS cache poisoning attacks
Ng, Wei Lin
Date of Issue: 2017-05-11
School of Electrical and Electronic Engineering
DNS is the protocol that translates domain names into the IP addresses network devices use to communicate with each other. However, DNS has vulnerabilities that are open to exploitation. DNS cache poisoning is one exploitation method that is still not completely mitigated today: a recursive resolver caches a forged response injected by an attacker, and the bogus record can remain in the cache for a long period without users noticing at all. This report studies DNS cache poisoning attacks and methods to mitigate them. Many solutions have been proposed to improve the security of DNS, and there are two main security schemes against cache poisoning. One is the Kaminsky fix, source-port randomization, adopted after Dan Kaminsky disclosed a fundamental DNS vulnerability in 2008; it forces a forged response to match not only the 16-bit transaction ID but also the resolver's randomly chosen UDP source port. The other is DNSSEC, which adds cryptographic signatures to the DNS records stored on name servers, so that a resolver can verify that a requested record originates from the authoritative server. Despite these security schemes, DNS cache poisoning attacks have continued to occur over the years. A proposed countermeasure is included in this report, which considers the DNS resolver and its local cache.
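The following toy model is an added example and is not code from the report; it illustrates why source-port randomization matters by simulating the blind-spoofing race a cache-poisoning attacker runs against a resolver. The resolver's acceptance check (question section, transaction ID and destination port must all match the outstanding query) is modelled in a few lines; the ephemeral port range 1024-65535, the fixed legacy port 53, the forged record data and all trial counts are assumptions chosen for the simulation, and the model deliberately ignores bailiwick rules, TTLs and the race against the genuine answer.

```python
"""Toy model of a blind DNS cache-poisoning race (added example, not from the report).

The attacker triggers a lookup for a name it knows, then floods the resolver with
forged answers. The resolver accepts an answer only if it matches the outstanding
query's question, 16-bit transaction ID and UDP destination port. With a fixed
source port the attacker only has to guess 16 bits; with a randomized source port
it must also guess the port, adding roughly 16 more bits of entropy.
"""
import math
import random
from dataclasses import dataclass

EPHEMERAL_LO, EPHEMERAL_HI = 1024, 65536   # assumed randomized source-port range
LEGACY_FIXED_PORT = 53                      # assumed fixed source port of an old resolver
QNAME, QTYPE = "www.example.com.", "A"      # constructed question the attacker triggers
FORGED_RDATA = "203.0.113.66"               # constructed attacker-controlled address


@dataclass(frozen=True)
class Query:
    txid: int
    src_port: int
    qname: str
    qtype: str


@dataclass(frozen=True)
class Response:
    txid: int
    dst_port: int      # the port the resolver sent the query from
    qname: str
    qtype: str
    rdata: str


def accepts(query: Query, response: Response) -> bool:
    """Resolver-side check: cache the answer only if every matchable field agrees."""
    if (response.qname, response.qtype) != (query.qname, query.qtype):
        return False
    if response.txid != query.txid:
        return False
    if response.dst_port != query.src_port:
        return False
    return True


def entropy_bits(randomized_port: bool) -> float:
    """Bits a blind attacker must guess: 16 for the TXID, plus the port if randomized."""
    bits = 16.0
    if randomized_port:
        bits += math.log2(EPHEMERAL_HI - EPHEMERAL_LO)
    return bits


def theoretical_rate(n_forged: int, bits: float) -> float:
    """P(at least one of n_forged independent uniform guesses hits a 2**bits space)."""
    return 1.0 - (1.0 - 2.0 ** -bits) ** n_forged


def make_query(rng: random.Random, randomized_port: bool) -> Query:
    port = rng.randrange(EPHEMERAL_LO, EPHEMERAL_HI) if randomized_port else LEGACY_FIXED_PORT
    return Query(txid=rng.randrange(1 << 16), src_port=port, qname=QNAME, qtype=QTYPE)


def forged_responses(rng: random.Random, n: int, randomized_port: bool):
    """Attacker knows the question it triggered; it guesses TXID and, if needed, the port."""
    for _ in range(n):
        port = rng.randrange(EPHEMERAL_LO, EPHEMERAL_HI) if randomized_port else LEGACY_FIXED_PORT
        yield Response(txid=rng.randrange(1 << 16), dst_port=port,
                       qname=QNAME, qtype=QTYPE, rdata=FORGED_RDATA)


def race(rng: random.Random, n_forged: int, randomized_port: bool) -> bool:
    """One poisoning attempt: True if any forged answer would be cached."""
    query = make_query(rng, randomized_port)
    return any(accepts(query, r) for r in forged_responses(rng, n_forged, randomized_port))


def success_rate(trials: int, n_forged: int, randomized_port: bool, seed: int = 1) -> float:
    """Fraction of seeded Monte Carlo races the attacker wins."""
    rng = random.Random(seed)
    return sum(race(rng, n_forged, randomized_port) for _ in range(trials)) / trials


if __name__ == "__main__":
    for randomized in (False, True):
        bits = entropy_bits(randomized)
        print(f"randomized_port={randomized}: {bits:.1f} bits to guess, "
              f"theory={theoretical_rate(8000, bits):.4f}, "
              f"simulated={success_rate(100, 8000, randomized):.2f}")
```

Against a fixed source port, sending on the order of 2^16 forged answers gives the attacker roughly a 63% chance per race and near certainty after a few races; with the port randomized the same flood succeeds with probability on the order of 10^-6, which is why the 2008 fix was effective even though it added no cryptography. DNSSEC removes the guessing game entirely by letting the resolver reject any answer whose signature does not validate.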
Final Year Project (FYP)
Nanyang Technological University