Efficient Domain Name Server Protection Techniques
Department of Defense
Agency Tracking Number:
Solicitation Topic Code:
Small Business Information
Architecture Technology Corporation
9977 Valley View Road, Eden Prairie, MN, 55344
Socially and Economically Disadvantaged:
AbstractThe Domain Name Server (DNS) is a distributed database that provides name resolution between domain names and IP addresses. The DNS Infrastructure is vulnerable to Denial of Service (DoS) attacks, which can result in catastrophic consequences for the both military and civilian users of the Internet. Currently, patching the DNS server and DNS security extensions (DNSSEC) are the only methods available for securing the DNS Infrastructure against DoS attacks. However, patching and DNSSEC only provide protection against a limited set of attacks that target the DNS infrastructure. Comprehensive protection of the DNS infrastructure requires a set of countermeasure techniques that can cover a wide range of possible attacks. These countermeasure techniques should complement each other and work with each other to provide total protection to the DNS infrastructure. To address this issue, Architecture Technology Corporation (ATC) proposes to design and implement DNSsentinel, a set of innovative DoS countermeasure techniques for protecting the DNS Infrastructure. DNSsentinel can be easily integrated into military and civilian networks. It can be deployed without making changes to the DNS Infrastructure and it utilizes existing network protocols.
* information listed above is at the time of submission.