TY - GEN
T1 - Collaborative Spoofing Detection and Mitigation - SDN Based Looping Authentication for DNS Services
AU - Sahri, N. M.
AU - Okamura, Koji
N1 - Publisher Copyright:
© 2016 IEEE.
Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.
PY - 2016/8/24
Y1 - 2016/8/24
N2 - As DNS packet are mostly UDP-based, make it as a perfect platform for hackers to launch a well-known type of distributed denial of service (DDoS). The purpose of this attack is to saturate the DNS server availability and resources with unwanted DNS query traffic. This type of attack utilizes a large number of botnet and usually perform spoofing on the IP address of the targeted victim. While it is difficult to identify which one is legitimate or attack traffic, we take a different approach for spoofing detection strategies to protect the DNS server by utilizing Software Defined Networking (SDN). In this paper, we present CAuth, a novel mechanism that autonomously block the spoofing packet while authenticate the legitimate query. By manipulating Openflow control message, we design a collaborative approach between client and server network. Whenever a server controller receives query packet, it will send an authentication packet back to the client network and later the client controller also reply via authentication packet back to the server controller. The server controller will only forward the query to the respective server if it receives the replied authentication packet from the client. From the evaluation, CAuth instantly manage to block spoofing query packet while authenticate the legitimate query as soon as the mechanism started.
AB - As DNS packet are mostly UDP-based, make it as a perfect platform for hackers to launch a well-known type of distributed denial of service (DDoS). The purpose of this attack is to saturate the DNS server availability and resources with unwanted DNS query traffic. This type of attack utilizes a large number of botnet and usually perform spoofing on the IP address of the targeted victim. While it is difficult to identify which one is legitimate or attack traffic, we take a different approach for spoofing detection strategies to protect the DNS server by utilizing Software Defined Networking (SDN). In this paper, we present CAuth, a novel mechanism that autonomously block the spoofing packet while authenticate the legitimate query. By manipulating Openflow control message, we design a collaborative approach between client and server network. Whenever a server controller receives query packet, it will send an authentication packet back to the client network and later the client controller also reply via authentication packet back to the server controller. The server controller will only forward the query to the respective server if it receives the replied authentication packet from the client. From the evaluation, CAuth instantly manage to block spoofing query packet while authenticate the legitimate query as soon as the mechanism started.
UR - http://www.scopus.com/inward/record.url?scp=84987957361&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84987957361&partnerID=8YFLogxK
U2 - 10.1109/COMPSAC.2016.6
DO - 10.1109/COMPSAC.2016.6
M3 - Conference contribution
AN - SCOPUS:84987957361
T3 - Proceedings - International Computer Software and Applications Conference
SP - 565
EP - 570
BT - Proceedings - 2016 IEEE 40th Annual Computer Software and Applications Conference Workshops, COMPSAC 2016
A2 - Liu, Ling
A2 - Milojicic, Dejan
A2 - Zhang, Zhiyong
A2 - Zhang, Zhiyong
A2 - Ahamed, Sheikh Iqbal
A2 - Sato, Hiroyuki
A2 - Cimato, Stevlio
A2 - Claycomb, William
A2 - Reisman, Sorel
A2 - Nakamura, Motonori
A2 - Lung, Chung Horng
A2 - Matskin, Mihhail
PB - IEEE Computer Society
T2 - 2016 IEEE 40th Annual Computer Software and Applications Conference, COMPSAC 2016
Y2 - 10 June 2016 through 14 June 2016
ER -