Security of the DNSSEC protocol and its impact on online privacy protection

• Autorzy: Bator Marek , Przystasz Jakub , Serafin Miłosz

Identyfikatory

DOI

10.5281/zenodo.10050033

• Języki publikacji: EN

Abstrakty

EN

The theme of the research paper and its chapters revolve around the security of the DNSSEC protocol and its impact on online privacy. The study delves into the intricacies of the Domain Name System (DNS), exploring its fundamental workings, hierarchical architecture, and the role of the DNS root server, as well as the entities responsible for hosting the 13 DNS Root servers. The paper also examines various types of DNS attacks, including DNS Spoofing, Man-in-the-Middle attacks, DNS cache poisoning, and DNS hijacking, shedding light on the vulnerabilities within the DNS infrastructure. A significant portion of the research is dedicated to the description of DNSSEC (Domain Name System Security Extensions), emphasizing its importance and functionality within DNS zones. This includes an analysis of the mechanisms behind DNSSEC, such as RRSIG, Zone Signing Keys (ZSK), DNSKEY, and Key Signing Keys (KSK), along with discussions on trust establishment in specific DNS zones.

Słowa kluczowe

EN

DNSSEC; security; DNS; name server; Domain Name System Security Extensions; Domain Name System

PL

DNSSEC; bezpieczeństwo; DNS; serwer nazw; rozszerzenia zabezpieczeń systemu nazw domen; system nazw domen

• Wydawca: Patryk Organiściak
• Czasopismo: Advances in Web Development Journal
• Rocznik: 2023
• Tom: Vol. 1
• Strony: 43--63
• Opis fizyczny: Bibliogr. 15 poz., rys., tab.

Twórcy

autor

Bator Marek

• University of Information Technology and Management

autor

Przystasz Jakub

• Rzeszow University of Technology, Department of Complex Systems

autor

Serafin Miłosz

• Rzeszow University of Technology, Department of Complex Systems

Bibliografia

• [1] Shulman, H., & Waidner, M. (2014). DNSSEC for cyber forensics. EURASIP Journal on Information Security, 16(2014). https://doi.org/10.1186/s13635-014-0016-2
• [2] Lutkevich, B. (n.d.). Domain Name System (DNS). TechTarget. https://www.techtarget.com/searchnetworking/definition/domain-name-system
• [3] Cloudflare. (n.d.). What is a DNS Root Server? Cloudflare. https://www.cloudflare.com/learning/dns/glossary/dns-root-server/
• [4] NASK. (2020). Polityka DNSSEC dla domeny .PL. [PDF]. https://www.dns.pl/formularze/DNSSEC_polityka_PL.pdf
• [5] Internet Assigned Numbers Authority. (2022, October 10). Root Servers. https://www.iana.org/domains/root/servers
• [6] (2005). Domain Name System (DNS). In: Understanding IPv6. Springer, Boston, MA. https://doi.org/10.1007/0-387-25614-8_9
• [7] Rudra, A. (2022, May 26). What is DNS Spoofing? PowerDMARC. https://powerdmarc.com/pl/what-is-dns-spoofing/
• [8] Rudra, A. (2022, August 19). What is DNS Cache Poisoning Attack? PowerDMARC. https://powerdmarc.com/pl/what-is-dns-cache-poisoning-attack/
• [9] Andziński, M. (2012). Bezpieczeństwo z DNSSEC. IT w administracji, nr 5. https://www.dns.pl/formularze/Bezpieczenstwo_z_DNSSEC.pdf
• [10] LearnCantrill. (2022, October 10). DNS 101 Miniseries - #5 - Why do we need DNSSEC [Video file]. https://youtu.be/thAUzOnUvP4
• [11] Cloudflare. (n.d.). How DNSSEC Works. https://www.cloudflare.com/dns/dnssec/how-dnssec-works/
• [12] Aitchison, R. (2011). DNSSEC. In: Pro DNS and BIND 10. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4302-3049-6_11
• [13] LearnCantrill. (2022, October 10). DNS 101 Miniseries - #6 - How DNSSEC Works within a Zone [Video file]. https://youtu.be/4qlIim15xwM
• [14] Verisign Labs. (n.d.). DNSSEC Debugger. https://dnssec-debugger.verisignlabs.com
• [15] APNIC Labs. (n.d.). DNSSEC Statistics. https://stats.labs.apnic.net/dnssec

Uwagi

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).