

CAuth - Protecting DNS application from spoofing attacks




Vol. 16  No. 6  pp. 125-134


UDP-based DNS packets are a perfect tool for hackers to launch a well-known type of distributed denial of service (DDoS) attack. The purpose of this attack is to saturate the DNS server's availability and resources. This type of attack usually uses a large number of botnets and spoofs the IP address of the targeted victim. It is therefore hard for the DNS provider to differentiate between legitimate and attack DNS query packets. We take a different approach to IP spoofing detection, protecting the DNS server by using Software Defined Networking (SDN). In this paper, we present CAuth, a novel mechanism that autonomously blocks identified spoofed queries with no impact on legitimate queries. By manipulating OpenFlow control messages, whenever a server controller receives a query packet, it sends an authentication packet back to the client network, and the client controller then responds with an authentication packet back to the server controller. The server controller forwards the query to the DNS server only if it receives the reply authentication packet from the client. In the evaluation, CAuth blocks spoofed query packets instantly and authenticates legitimate queries as soon as the mechanism starts. Most notably, our mechanism is designed with no changes to the existing DNS application or the OpenFlow protocol.


DNS flooding attack, spoofing detection, authentication, network security, OpenFlow, SDN
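
The controller-to-controller exchange the abstract describes, modelled as an added Python example (not code from the paper). The nonce, the prefix lookup, and the client controller's record of queries it saw leave its own network are assumptions made here, and OpenFlow messaging is reduced to method calls.

```python
import ipaddress
import secrets

class ClientController:
    """Client-network controller; tracks DNS queries seen leaving its own hosts."""
    def __init__(self, cidr):
        self.net = ipaddress.ip_network(cidr)
        self.seen = set()  # (src_ip, dns_id) pairs observed at the edge (assumption)

    def observe_outgoing(self, src_ip, dns_id):
        self.seen.add((src_ip, dns_id))

    def on_auth_request(self, src_ip, dns_id, nonce):
        # Echo the nonce only for a query this network really sent (assumption).
        return nonce if (src_ip, dns_id) in self.seen else None

class ServerController:
    """Server-side controller; gates queries in front of the DNS server."""
    def __init__(self, client_controllers):
        self.clients = client_controllers
        self.forwarded, self.dropped = [], []

    def on_query(self, src_ip, dns_id, qname):
        addr = ipaddress.ip_address(src_ip)
        ctrl = next((c for c in self.clients if addr in c.net), None)
        nonce = secrets.token_hex(8)  # hypothetical authentication token
        reply = ctrl.on_auth_request(src_ip, dns_id, nonce) if ctrl else None
        if reply is not None and secrets.compare_digest(reply, nonce):
            self.forwarded.append((src_ip, qname))  # authenticated: pass to DNS server
            return True
        self.dropped.append((src_ip, qname))  # no valid reply: treat as spoofed
        return False

def demo():
    # Constructed sample networks (documentation address ranges).
    net_a = ClientController("192.0.2.0/24")
    net_b = ClientController("198.51.100.0/24")
    server = ServerController([net_a, net_b])
    net_a.observe_outgoing("192.0.2.10", 4242)  # real client sends a query
    legit = server.on_query("192.0.2.10", 4242, "example.com")
    # Query claiming a net_b source that net_b's controller never saw leave.
    spoofed = server.on_query("198.51.100.7", 9001, "example.com")
    return legit, spoofed, server.forwarded, server.dropped

if __name__ == "__main__":
    print(demo())
```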