Protecting the DNS infrastructure of a top level domain: Real-time monitoring with network sensors

In this paper we propose a solution to strengthen the security of Domain Name System (DNS) servers associated with one or more top-level domains (TLDs). The proposed solution has been developed and tested at FCCN, the TLD manager for the .PT domain. Through the implementation of network probes that monitor the network in real time, we are able to dynamically prevent, detect or limit the scope of attempted intrusions or other types of attacks on the DNS service. The platform relies heavily on cross-correlation, allowing data from a particular sensor to be shared with the others. Administration tasks such as setting up alarms or performing statistical analysis are carried out through a Web-based interface.
