DNS DoS Attack Protection System Implementation Using Verilog


DNS DOS ATTACK PROTECTION SYSTEM

IMPLEMENTATION USING VERILOG

ABSTRACT
The DNS (Domain Name System) is a distributed database that is used by TCP/IP
and UDP applications to map between hostnames and IP addresses, and to provide
electronic routing information.

To identify an entity (web server), the internet uses the IP address, which uniquely
identifies the connection of a host to the internet. However, people prefer to use
names instead of numeric addresses. Therefore a system is needed that can map
a name to an address or an address to a name. The Domain Name System enables us to use
hierarchical, friendly names to easily locate web servers and other resources on an
IP network. Remembering IP addresses for the various resources on the internet rather
than calling them by names like www.uce.in or www.google.com is next to impossible.

DNS servers, like other Internet resources, are prone to denial of service attacks.
Since DNS uses UDP queries for name resolution, denial of service attacks are
almost impossible to trace and block, as they are highly spoofable. A DNS flood
works by sending many thousands of rapid DNS requests, thereby giving the
server more traffic than it can handle, resulting in slower and slower response
times for legitimate requests.

This thesis discusses DNS protocols in detail and also throws light on the state-of-
the-art DNS DoS attacks possible. This thesis proposes a hardware solution to
protect a DNS server from these kinds of DoS attacks. The proposed solution is a
rate-based system which detects flood attacks by maintaining counters for
various parameters in the DNS message. It also detects possible anomalies by
parsing various parameters in the DNS message, thereby protecting the server from
getting overloaded.

INTRODUCTION

The internet uses the IP address to find an entity; the IP address uniquely identifies the
connection of a host to the internet. However, people prefer to use names instead
of numeric addresses. Therefore a system is needed that can map a name to an
address or an address to a name.

When the internet was small, mapping was done using a host file. The host file
had only two columns, one for the name and one for the address. Every client
could store the host file on its disk and update it periodically from the master host file.
When a client wanted to map a name to an address, the application consulted
the host file and found the mapping.

Today, however, it is impossible for one single host file to relate every address
to a name, and vice versa. The host file would be too large to store in every
terminal; in addition, it would be impossible to update all the host files in the world
every time there is a change.

Domain Name System (DNS) is a client-server application that identifies each host
on the internet with a unique user-friendly name.

DNS translates meaningful host names and domain names into valid IP
addresses. It is an application layer protocol, which is layer 7
in the OSI model. The domain name system associates various information with
domain names; most importantly, it serves as the phone book for the internet by
translating human-readable computer hostnames into IP addresses.

The Domain Name System distributes the responsibility for assigning domain
names and mapping them to IP networks by allowing an authoritative name
server for each domain to keep track of its own changes, avoiding the need for a
central register to be continually consulted.

Conclusion

DNS servers are prone to denial of service attacks. Since DNS uses UDP queries for
name resolution, denial of service attacks are almost impossible to trace and
block, as they are highly spoofable. A DNS flood works by sending many thousands of
rapid DNS requests, thereby giving the server more traffic than it can handle,
resulting in slower and slower response times for legitimate requests.

The system can also detect various anomalies in DNS messages. Anomalous
packets are packets which deviate from the protocol standards. RFC 1035
was studied and the possible anomalies were listed. The design parses the
incoming DNS messages and checks whether they match any one of the predefined
anomalies. If it finds a match, it drops those packets. By doing so, the DNS server is
protected from being overloaded with unnecessary traffic.
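The two mechanisms the thesis describes, rate counters over DNS message parameters (abstract) and dropping messages that violate RFC 1035 (this conclusion), are shown together below in a software model. This is an added example, not the thesis's Verilog design: the anomaly list, the counter keys (per source, and per source and QTYPE), the window length and the threshold are assumptions chosen for illustration, and the sample queries are constructed with the `build_query` helper rather than captured traffic.

```python
import struct
from collections import defaultdict

# Hypothetical parameters; the thesis does not publish its window or threshold.
WINDOW_SECONDS = 1.0
QUERY_THRESHOLD = 100  # queries per counter per window before dropping


def build_query(txid, name, qtype=1, flags=0x0100, qdcount=1):
    """Construct a wire-format DNS query (only used to build constructed sample input)."""
    header = struct.pack("!HHHHHH", txid, flags, qdcount, 0, 0, 0)
    qname = b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS 1 = IN


def parse_query(msg):
    """Parse the header and first question of a query; return (fields, anomalies).

    Each anomaly is a deviation from RFC 1035 section 4.1 that a query should never show.
    """
    anomalies, fields = [], {}
    if len(msg) < 12:
        return fields, ["short_header"]
    txid, flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    fields.update(txid=txid, qdcount=qdcount, opcode=(flags >> 11) & 0xF)
    if flags >> 15:                      # QR=1 marks a response; a query must carry QR=0
        anomalies.append("qr_set_on_query")
    if fields["opcode"] > 2:             # 0=QUERY, 1=IQUERY, 2=STATUS; 3-15 are reserved
        anomalies.append("reserved_opcode")
    if (flags >> 4) & 0x7:               # Z bits must be zero in all queries and responses
        anomalies.append("z_bits_nonzero")
    if flags & 0xF:                      # RCODE is only meaningful in responses
        anomalies.append("rcode_set_on_query")
    if qdcount == 0:
        anomalies.append("no_question")
    pos, name_len, labels = 12, 0, []
    while True:
        if pos >= len(msg):
            return fields, anomalies + ["truncated_qname"]
        ln = msg[pos]
        if ln == 0:                      # root label ends the name
            pos += 1
            break
        if ln >= 0xC0:                   # compression pointer; nothing precedes the first QNAME
            return fields, anomalies + ["pointer_in_first_qname"]
        if ln > 63:                      # labels are limited to 63 octets (0x40-0xBF are reserved)
            return fields, anomalies + ["label_too_long"]
        labels.append(msg[pos + 1:pos + 1 + ln].decode("ascii", "replace"))
        name_len += ln + 1
        pos += ln + 1
    if name_len + 1 > 255:               # whole name, root label included, is limited to 255 octets
        anomalies.append("qname_too_long")
    fields["qname"] = ".".join(labels)
    if pos + 4 > len(msg):
        return fields, anomalies + ["truncated_question"]
    fields["qtype"], fields["qclass"] = struct.unpack("!HH", msg[pos:pos + 4])
    if fields["qclass"] not in (1, 2, 3, 4, 255):  # IN, CS, CH, HS or ANY
        anomalies.append("reserved_qclass")
    return fields, anomalies


class RateCounter:
    """Fixed-window counter per key, mirroring a hardware counter cleared every window."""

    def __init__(self, window, threshold):
        self.window, self.threshold = window, threshold
        self.buckets = defaultdict(lambda: [0.0, 0])   # key -> [window_start, count]

    def exceeds(self, key, now):
        bucket = self.buckets[key]
        if now - bucket[0] >= self.window:              # window expired: restart it
            bucket[0], bucket[1] = now, 0
        bucket[1] += 1
        return bucket[1] > self.threshold


def filter_packet(msg, src_ip, now, counters):
    """Return ("drop", reason) or ("pass", fields): anomaly check first, then rate checks."""
    fields, anomalies = parse_query(msg)
    if anomalies:
        return "drop", anomalies[0]
    if counters.exceeds(("src", src_ip), now):
        return "drop", "src_rate"
    if counters.exceeds(("qtype", src_ip, fields["qtype"]), now):
        return "drop", "qtype_rate"
    return "pass", fields


if __name__ == "__main__":
    counters = RateCounter(WINDOW_SECONDS, QUERY_THRESHOLD)
    good = build_query(0x1234, "www.uce.in")              # constructed, well-formed A query
    bad = build_query(0x1234, "www.uce.in", flags=0x8100)  # constructed: QR bit set on a query
    print(filter_packet(good, "192.0.2.10", 0.0, counters))
    print(filter_packet(bad, "192.0.2.10", 0.0, counters))
    # constructed flood: 150 queries from one source inside a single window
    verdicts = [filter_packet(good, "192.0.2.99", 0.5, counters)[0] for _ in range(150)]
    print("dropped by rate:", verdicts.count("drop"))
```

The anomaly checks run before the counters so that malformed packets never consume counter budget, and the counters are keyed on the parsed parameters, which is the order a hardware pipeline would naturally follow: header decode, question decode, then per-parameter counting.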
