DNS Cache Poisoning Attack Analysis and Detection Using Packet Header

  • B. B. Jayasingh Professor, CVR College of Engineering/IT Department, Hyderabad, India

Abstract

DNS is the most critical component of the Internet, and its security is seriously challenged. In normal operation, DNS supplies the correct domain-name-to-IP-address mapping needed for browsing the web, sending email, and so on. DNS cache poisoning is an attack strategy that diverts network traffic to an attacker's computer by exploiting vulnerabilities in the DNS server. Web servers are susceptible to many kinds of attacks; one of them, the DNS cache poisoning attack, is discussed here. The attack procedure is briefly described so that an algorithmic solution can be developed readily from IF-THEN-ELSE conditional rules. In this paper, we develop an algorithm to detect DNS cache poisoning attacks based on packet header analysis. DNS packets are captured with the ETHEREAL software and, after dissection of the packet header, stored in a log. The logged packets are then analyzed and processed by the algorithm to detect a possible DNS cache poisoning attack.
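The following sketch is an added example, not the paper's algorithm: it shows what IF-THEN-ELSE rules over logged DNS header fields can look like. The record layout, the three rules, the alert names and the threshold are assumptions, and the log is constructed sample data.

```python
from collections import defaultdict
MISMATCH_THRESHOLD = 3  # assumed tuning value, not taken from the paper

def detect_poisoning(records):
    """Apply IF/THEN/ELSE rules to dissected DNS headers, in capture order."""
    pending = {}                    # flow key -> transaction ID of the open query
    answered = {}                   # flow key -> first answer with a valid ID
    mismatches = defaultdict(int)   # flow key -> count of wrong-ID responses
    alerts = []
    for r in records:
        if r["qr"] == 0:            # query: remember what the resolver asked
            key = (r["src"], r["sport"], r["dst"], r["qname"])
            pending[key] = r["txid"]
            answered.pop(key, None)
            mismatches[key] = 0
            continue
        # response: build the same key from the reversed direction
        key = (r["dst"], r["dport"], r["src"], r["qname"])
        if key not in pending:
            alerts.append(("unsolicited_response", r["qname"], r["ts"]))
        elif r["txid"] != pending[key]:
            mismatches[key] += 1
            if mismatches[key] == MISMATCH_THRESHOLD:
                alerts.append(("txid_guessing", r["qname"], r["ts"]))
        elif key not in answered:
            answered[key] = r["answer"]
        elif answered[key] != r["answer"]:
            alerts.append(("conflicting_answer", r["qname"], r["ts"]))
    return alerts

def rec(ts, qr, txid, qname, answer=None):  # builds one constructed log record
    a, b = ("192.0.2.53", 33000), ("198.51.100.1", 53)   # resolver, name server
    (src, sport), (dst, dport) = (a, b) if qr == 0 else (b, a)
    return dict(ts=ts, qr=qr, txid=txid, qname=qname, answer=answer,
                src=src, sport=sport, dst=dst, dport=dport)

SAMPLE_LOG = [  # constructed data, documentation address ranges only
    rec(1.0, 0, 100, "mail.example.com"),
    rec(1.1, 1, 100, "mail.example.com", "198.51.100.25"),
    rec(2.0, 0, 6699, "www.example.com"),
    rec(2.1, 1, 1, "www.example.com", "203.0.113.66"),
    rec(2.2, 1, 2, "www.example.com", "203.0.113.66"),
    rec(2.3, 1, 3, "www.example.com", "203.0.113.66"),
    rec(2.4, 1, 6699, "www.example.com", "198.51.100.10"),
    rec(2.5, 1, 6699, "www.example.com", "203.0.113.66"),
    rec(3.0, 1, 7, "ftp.example.com", "203.0.113.66"),
]

if __name__ == "__main__":
    print(detect_poisoning(SAMPLE_LOG))
```

The normal query and response for mail.example.com raise no alert; the remaining records trigger one alert per rule.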

Published
2019-08-29