DNS Cache Poisoning: Investigating Server and Client-Side Attacks and Mitigation Methods

Abstract

DNS cache poisoning is a type of cyber attack that aims to redirect traffic from legitimate websites to malicious ones. In this attack, the attacker modifies the DNS cache of a DNS server, allowing them to redirect requests for legitimate domain names to their own servers. This can result in distribution of malware and phishing attacks. To mitigate the risk of DNS cache poisoning, various techniques such as DNSSEC, source port randomization, and response rate limiting have been developed. This paper provides an overview of DNS cache poisoning, the techniques used to perform the attack, and the countermeasures that can be employed to protect against it. © 2023 IEEE.