Visible to the public Query-Crafting DoS Threats Against Internet DNS

TitleQuery-Crafting DoS Threats Against Internet DNS
Publication TypeConference Paper
Year of Publication2020
AuthorsChang, Sang-Yoon, Park, Younghee, Kengalahalli, Nikhil Vijayakumar, Zhou, Xiaobo
Conference Name2020 IEEE Conference on Communications and Network Security (CNS)
KeywordsAnalytical models, Computer crime, feature extraction, Internet, IP networks, Measurement, privacy, pubcrawl, Servers, threat vectors
AbstractDomain name system (DNS) resolves the IP addresses of domain names and is critical for IP networking. Recent denial-of-service (DoS) attacks on Internet targeted the DNS system (e.g., Dyn), which has the cascading effect of denying the availability of the services and applications relying on the targeted DNS. In view of these attacks, we investigate the DoS on DNS system and introduce the query-crafting threats where the attacker controls the DNS query payload (the domain name) to maximize the threat impact per query (increasing the communications between the DNS servers and the threat time duration), which is orthogonal to other DoS approaches to increase the attack impact such as flooding and DNS amplification. We model the DNS system using a state diagram and comprehensively analyze the threat space, identifying the threat vectors which include not only the random/invalid domains but also those using the domain name structure to combine valid strings and random strings. Query-crafting DoS threats generate new domain-name payloads for each query and force increased complexity in the DNS query resolution. We test the query-crafting DoS threats by taking empirical measurements on the Internet and show that they amplify the DoS impact on the DNS system (recursive resolver) by involving more communications and taking greater time duration. To defend against such DoS or DDoS threats, we identify the relevant detection features specific to query-crafting threats and evaluate the defense using our prototype in CloudLab.
Citation Keychang_query-crafting_2020