DNS Amplification DNS Tunneling Attacks Simulation, Detection and Mitigation Approaches

Abstract

DNS is a critical infrastructure service of the Internet that translates hostnames to network IP addresses and vice versa. The criticality of DNS can be evidenced by the fact that all most all organizations and enterprises do not block DNS traffic, as it would eventually stop access to the Internet. As a result, attackers have been exploiting the DNS infrastructure and using it as a launchpad for carrying out various attacks e.g. DoS/DDoS, DNS reflection amplification, DNS tunneling, NXDOMAIN attack, and DNS hijacking, etc. During the historic implementation of DNS protocol, its security was not considered which lead to the exploitation of various vulnerabilities in the DNS infrastructure.This paper brings out the technicalities behind DNS amplification and DNS tunneling attacks and presents a number of countermeasures and mitigation techniques to protect against these attacks and the DNS Infrastructure. © 2020 IEEE.