Abstract
There are many domain names which are registered to DNS but unused. We define them as “dark domain name”. We show that these dark domain names have serious threat to DNS operating. From our experiments, we found that when query for dark domain names are done, the response time becomes unusually long and huge load is given for retrieval operation in DNS servers. As the result, cashing DNS server, root name server and Authoritative DNS server fall into DoS situation simultaneously, communication receives obstacles intentionally. We discuss the influence of our proposed attack and countermeasure. As the result, we face some dilemmas.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anagnostopoulos, M., Kambourakis, G., Kopanos, P., Louloudakis, G., Gritzalis, S.: DNS amplification attack revisited. Comput. Secur. 39(Part B), 475–485 (2013)
Eastlake, D.: Domain Name System Security Extensions, Request for Comments 2535. Internet Engineering Task Force, March 1999
Hacker News. https://news.ycombinator.com/
Huang, C., Holt, N., Wang, Y.A., Greenberg, A., Li, J., Ross, K.W.: A DNS reflection method for global traffic management. In: USENIXATC 2010 Proceedings of the 2010 USENIX Conference on USENIX Annual Technical Conference, pp. 1–6, June 2010
ICANN: Uniform Domain Name Dispute Resolution Policy. https://www.icann.org/resources/pages/help/dndr/udrp-en. Accessed 20 July 2017
Kaminsky, D.: Black ops 2008-it’s the end of the cache as we know it. In: Presented at BlackHat2008, August 2008
Mockapetris, P.: Domain Names - Concepts and Facilities, Request for Comments 1034. Internet Engineering Task Force, November 1987
NANOG63 Meeting Presentation, DNS Track, Pseudo Random DNS Query Attacks & Resolver Mitigation Approaches, Moderators D.Wessels (VeriSign), February 2015. https://www.nanog.org/sites/default/files/nanog63-dnstrack-winstead-attacks.pdf. Accessed 20 July 2017
Narayan, A., Kumar, U.: A defence mechanism: DNS based DDoS attack. Int. J. Comput. Trends Technol. (IJCTT) 33(1), 1–8 (2016)
National Telecommunications and Information Administration: Statement of Policy on the Management of Internet Names and Addresses, Docket Number: 980212036–8146-02, December 2014
National Telecommunications and Information Administration: United States Department of Commerce, Management of Internet Names and Addresses, Docket Number: 980212036–8146-02, February 2015
Satam, P., Alipour, H., Al-Nashif, Y., Hariri, S.: Anomaly behavior analysis of DNS protocol. J. Int. Serv. Inf. Secur. (JISIS) 5(4), 85–97 (2015)
VMware Infrastructure Architecture Overview. https://www.vmware.com/
WHOIS. https://who.is/
Wireshark. https://www.wireshark.org/
Acknowledgment
This work was supported by JSPS KAKENHI Grant Number 17K06455.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Munkhbaatar, B., Mimura, M., Tanaka, H. (2017). Dark Domain Name Attack: A New Threat to Domain Name System. In: Shyamasundar, R., Singh, V., Vaidya, J. (eds) Information Systems Security. ICISS 2017. Lecture Notes in Computer Science(), vol 10717. Springer, Cham. https://doi.org/10.1007/978-3-319-72598-7_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-72598-7_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72597-0
Online ISBN: 978-3-319-72598-7
eBook Packages: Computer ScienceComputer Science (R0)