Survey on key technologies for protective DNS service
The domain name system (DNS) is a naming service for Internet resources that provides the function of converting from domain names to IP addresses. It serves as the entry point for users to access Internet applications and is also the key point for client-side security threat perception and mitigati...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2024-10-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024065 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841529497028919296 |
|---|---|
| author | MA Yongzheng LI Hongtao MA Zhongsheng HU Weihong ZHANG Zhongxian |
| author_facet | MA Yongzheng LI Hongtao MA Zhongsheng HU Weihong ZHANG Zhongxian |
| author_sort | MA Yongzheng |
| collection | DOAJ |
| description | The domain name system (DNS) is a naming service for Internet resources that provides the function of converting from domain names to IP addresses. It serves as the entry point for users to access Internet applications and is also the key point for client-side security threat perception and mitigation. Common DNS abuses and related security threats on the client side include phishing, malware, and other attacks based on DNS. The protective DNS (PDNS) service leverages the existing DNS protocol and architecture to detect and mitigate threats by analyzing DNS queries, thereby protecting users against potential security threads at the source. Currently, a systematic introduction and research on PDNS service in academia and industry is lacking. The existing work, application status, and architecture and functions of PDNS were systematically sorted out. The key technologies associated with PDNS, including DNS-related threat mitigation, DNS anomaly detection, threat intelligence management, and data storage and management technology, were reviewed. The issues and challenges faced by PDNS were analyzed, and future development trends and research directions for PDNS were proposed. |
| format | Article |
| id | doaj-art-1c99a8fd23cf4f2c86eb5fc777b30fba |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2024-10-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-1c99a8fd23cf4f2c86eb5fc777b30fba2025-01-15T03:17:22ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2024-10-0110395577772417Survey on key technologies for protective DNS serviceMA YongzhengLI HongtaoMA ZhongshengHU WeihongZHANG ZhongxianThe domain name system (DNS) is a naming service for Internet resources that provides the function of converting from domain names to IP addresses. It serves as the entry point for users to access Internet applications and is also the key point for client-side security threat perception and mitigation. Common DNS abuses and related security threats on the client side include phishing, malware, and other attacks based on DNS. The protective DNS (PDNS) service leverages the existing DNS protocol and architecture to detect and mitigate threats by analyzing DNS queries, thereby protecting users against potential security threads at the source. Currently, a systematic introduction and research on PDNS service in academia and industry is lacking. The existing work, application status, and architecture and functions of PDNS were systematically sorted out. The key technologies associated with PDNS, including DNS-related threat mitigation, DNS anomaly detection, threat intelligence management, and data storage and management technology, were reviewed. The issues and challenges faced by PDNS were analyzed, and future development trends and research directions for PDNS were proposed.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024065domain name system (DNS)protective DNS (PDNS) serviceDNS threat mitigationDNS anomaly detectionthreat intelligence managementdata storage management |
| spellingShingle | MA Yongzheng LI Hongtao MA Zhongsheng HU Weihong ZHANG Zhongxian Survey on key technologies for protective DNS service 网络与信息安全学报 domain name system (DNS) protective DNS (PDNS) service DNS threat mitigation DNS anomaly detection threat intelligence management data storage management |
| title | Survey on key technologies for protective DNS service |
| title_full | Survey on key technologies for protective DNS service |
| title_fullStr | Survey on key technologies for protective DNS service |
| title_full_unstemmed | Survey on key technologies for protective DNS service |
| title_short | Survey on key technologies for protective DNS service |
| title_sort | survey on key technologies for protective dns service |
| topic | domain name system (DNS) protective DNS (PDNS) service DNS threat mitigation DNS anomaly detection threat intelligence management data storage management |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024065 |
| work_keys_str_mv | AT mayongzheng surveyonkeytechnologiesforprotectivednsservice AT lihongtao surveyonkeytechnologiesforprotectivednsservice AT mazhongsheng surveyonkeytechnologiesforprotectivednsservice AT huweihong surveyonkeytechnologiesforprotectivednsservice AT zhangzhongxian surveyonkeytechnologiesforprotectivednsservice |