Design and Implementation of an SDN-Enabled DNS Security Framework

被引:0
|
作者
Zhenpeng Wang [1 ]
Hongchao Hu [1 ]
Guozhen Cheng [1 ]
机构
[1] National Digital Switching System Engineering and Technological Research Center
来源
China Communications | 2019年 / 16卷 / 02期
关键词
DNS cache poisoning attack; software defined networking; moving target defense; dynamic heterogeneous redundant;
D O I
暂无
中图分类号
TP393.08 [];
学科分类号
0839 ; 1402 ;
摘要
The Domain Name System(DNS) is suffering from the vulnerabilities exploited to launch the cache poisoning attack. Inspired by biodiversity, we design and implement a non-intrusive and tolerant secure architecture Multi-DNS(MDNS) to deal with it. MDNS consists of Scheduling Proxy and DNS server pool with heterogeneous DNSs in it. And the Scheduling Proxy dynamically schedules m DNSs to provide service in parallel and adopts the vote results from majority of DNSs to decide valid replies. And benefit from the centralized control of software defined networking(SDN), we implement a proof of concept for it. Evaluation results prove the validity and availability of MDNS and its intrusion/fault tolerance, while the average delay can be controlled in 0.3s.
引用
收藏
页码:233 / 245
页数:13
相关论文
共 50 条
  • [1] Design and Implementation of an SDN-Enabled DNS Security Framework
    Wang, Zhenpeng
    Hu, Hongchao
    Cheng, Guozhen
    [J]. CHINA COMMUNICATIONS, 2019, 16 (02) : 233 - 245
  • [2] A Security Framework for SDN-enabled Smart Power Grids
    Ghosh, Uttam
    Chatterjee, Pushpita
    Shetty, Sachin
    [J]. 2017 IEEE 37TH INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS WORKSHOPS (ICDCSW), 2017, : 113 - 118
  • [3] On the Security of SDN-Enabled Smartgrid Systems
    Ibdah, Duha
    Kanani, Maryam
    Lachtar, Nada
    Allan, Neveen
    Al-Duwairi, Basheer
    [J]. 2017 INTERNATIONAL CONFERENCE ON ELECTRICAL AND COMPUTING TECHNOLOGIES AND APPLICATIONS (ICECTA), 2017, : 283 - 287
  • [4] Dynamic Game based Security framework in SDN-enabled Cloud Networking Environments
    Chowdhary, Ankur
    Pisharody, Sandeep
    Alshamrani, Adel
    Huang, Dijiang
    [J]. SDN-NFVSEC'17: PROCEEDINGS OF THE ACM INTERNATIONAL WORKSHOP ON SECURITY IN SOFTWARE DEFINED NETWORKS & NETWORK FUNCTION VIRTUALIZATION, 2017, : 53 - 58
  • [5] Security risk assessment for SDN-enabled smart grids
    Maziku, Hellen
    Shetty, Sachin
    Nicol, David M.
    [J]. COMPUTER COMMUNICATIONS, 2019, 133 : 1 - 11
  • [6] Design of SDN-enabled Cloud Data Center
    Hwang, Ren-Hung
    Tseng, Huei-Ping
    Tang, Yu-Chi
    [J]. 2015 IEEE INTERNATIONAL CONFERENCE ON SMART CITY/SOCIALCOM/SUSTAINCOM (SMARTCITY), 2015, : 950 - 957
  • [7] SDN-Enabled S-BVT for Disaggregated Networks: Design, Implementation and Cost Analysis
    Nadal, Laia
    Svaluto Moreolo, Michela
    Alberto Hernandez, Jose
    Fabrega, Josep M.
    Casellas, Ramon
    Munoz, Raul
    Vilalta, Ricard
    Rodriguez, Laura
    Vilchez, E. Javier
    Martinez, Ricardo
    [J]. JOURNAL OF LIGHTWAVE TECHNOLOGY, 2020, 38 (11) : 3037 - 3043
  • [8] SDN-Enabled Cyber-Physical Security in Networked Microgrids
    Li, Yan
    Qin, Yanyuan
    Zhang, Peng
    Herzberg, Amir
    [J]. IEEE TRANSACTIONS ON SUSTAINABLE ENERGY, 2019, 10 (03) : 1613 - 1622
  • [9] On the Implementation of Path Switching over SDN-enabled Network: A Prototype
    Tsai, Pang-Wei
    Wu, Pei-Ming
    Chen, Chien-Ting
    Luo, Mon-Yen
    Yang, Chu-Sing
    [J]. 2015 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS - TAIWAN (ICCE-TW), 2015, : 90 - 91
  • [10] An Implementation Experience with SDN-enabled IoT Data Exchange Middleware
    Scalzotto, Luca
    Benson, Kyle E.
    Bouloukakis, Georgios
    Bellavista, Paolo
    Issarny, Valerie
    Mehrotra, Sharad
    Venkatasubramanian, Nalini
    [J]. MIDDLEWARE'18: PROCEEDINGS OF THE 2018 ACM/IFIP/USENIX MIDDLEWARE CONFERENCE (POSTERS), 2018, : 21 - 22
12345