• Search Research Projects
  • Search Researchers
  • How to Use
  1. Back to previous page

Integrated design and construction of efficient detection and terminal decontamination for DNS contamination

Research Project

Project/Area Number 18K11291
Research Category

Grant-in-Aid for Scientific Research (C)

Allocation TypeMulti-year Fund
Section一般
Review Section Basic Section 60070:Information security-related
Research InstitutionTokyo Institute of Technology

Principal Investigator

Tomoishi Masahiko  東京工業大学, 学術国際情報センター, 教授 (60262284)

Co-Investigator(Kenkyū-buntansha) 金 勇  東京工業大学, 学術国際情報センター, マネジメント准教授 (60725787)
Project Period (FY) 2018-04-01 – 2024-03-31
Project Status Completed (Fiscal Year 2023)
Budget Amount *help
¥4,290,000 (Direct Cost: ¥3,300,000、Indirect Cost: ¥990,000)
Fiscal Year 2020: ¥1,040,000 (Direct Cost: ¥800,000、Indirect Cost: ¥240,000)
Fiscal Year 2019: ¥1,170,000 (Direct Cost: ¥900,000、Indirect Cost: ¥270,000)
Fiscal Year 2018: ¥2,080,000 (Direct Cost: ¥1,600,000、Indirect Cost: ¥480,000)
KeywordsDNS security / DNSセキュリティ / ネットワークセキュリティ / 不正アクセス対策 / DNS / キャッシュポイズニング
Outline of Final Research Achievements

We proposed a system to mitigate attacks against DNS cache. The system collects history including terminal information, extracts usage features, and performs learning, and, also performs history-based feature extraction and anomaly detection on the cache side. We designed and implemented a prototype of this system. In the process, we obtained some knowledge about security in DNS and presented our research. Specifically, we found that the security of communication between the terminal and the resolver is necessary to ensure the security of the DNS, we also developed a method to keep a history of name-drawing for each application in the terminal, and to use the name-drawing of security devices that use DNS by using the DNS standard functions, the research presented a method to reduce the load on security equipment as well as to inspect the name-drawing of security equipment using DNS at the time of relay.

Academic Significance and Societal Importance of the Research Achievements

DNSのに対する攻撃について考える上で、端末毎やさらにアプリケーション毎に名前引きの内容を詳細化して検討する手法についての構成を複数提案し、サンプル実装を行った。端末内の名前引きを詳細化にすることはOS毎に違い、また、見えづらいため、このような前例は、こういったアプローチのきっかけになっている。また、その情報を集約し、具体的に利用することについても、プロトタイプまでは行っており、実装への目処はつけた。
周辺成果として発表した、ファイアウォールでの悪性サイトの検査負荷を、DNSを用いて、遅延させたり、オンディマンドにさせる手法については、今後の発展が期待できる。

Report

(7 results)
  • 2023 Annual Research Report   Final Research Report ( PDF )
  • 2022 Research-status Report
  • 2021 Research-status Report
  • 2020 Research-status Report
  • 2019 Research-status Report
  • 2018 Research-status Report
  • Research Products

    (14 results)

All 2022 2021 2020 2019 2018

All Presentation (14 results) (of which Int'l Joint Research: 10 results)

  • [Presentation] Forged Cache Isolation on DNS Full-Service Resolvers and Identification of Infected End Clients2022

    • Author(s)
      Yong Jin, Masahiko Tomoishi, Satoshi Matsuura
    • Organizer
      2022 the 12th International Workshop on Computer Science and Engineering
    • Related Report
      2022 Research-status Report
    • Int'l Joint Research
  • [Presentation] Trigger-based Blocking Mechanism for Access to Email-derived Phishing URLs with User Alert2022

    • Author(s)
      Y. Jin, M. Tomoishi and N. Yamai
    • Organizer
      2023 International Conference on Electronics, Information, and Communication
    • Related Report
      2022 Research-status Report
    • Int'l Joint Research
  • [Presentation] Anomaly Detection on User Terminals Based on Outbound Traffic Filtering by DNS Query Monitoring and Application Program Identification2021

    • Author(s)
      Y. Jin, M. Tomoishi, and N. Yamai
    • Organizer
      2021 The 6th International Conference on Information and Network Technologies (ICINT2021)
    • Related Report
      2021 Research-status Report
    • Int'l Joint Research
  • [Presentation] Secure Remote Monitoring and Cipher Data Sharing for IoT Healthcare System with Privacy Preservation2021

    • Author(s)
      Y. Jin, M. Tomoishi, and N. Yamai
    • Organizer
      2021 The 5th International Conference on Cloud and Big Data Computing (ICCBDC)
    • Related Report
      2021 Research-status Report
    • Int'l Joint Research
  • [Presentation] Acceleration of a Client Based DNSSEC Validation System in Parallel with Two Full-Service Resolvers2021

    • Author(s)
      Y. Jin, K. Iguchi, N. Yamai and M. Tomoishi
    • Organizer
      2022 The 24th International Conference on Advanced Communication Technology (ICACT)
    • Related Report
      2021 Research-status Report
    • Int'l Joint Research
  • [Presentation] Forged Cache Isolation on DNS Full-Service Resolvers and Identification of Infected End Clients2021

    • Author(s)
      Y. Jin, M. Tomoishi, and S. Matsuura
    • Organizer
      2022 The 14th International Conference Future Computer and Communication (ICFCC)
    • Related Report
      2021 Research-status Report
    • Int'l Joint Research
  • [Presentation] 家庭向けの遠隔ヘルスケアにおけるDNSを活用した監視システムの試作2021

    • Author(s)
      陸子健, 金勇, 山井成良, 友石正彦
    • Organizer
      情報処理学会インターネットと運用技術研究会
    • Related Report
      2020 Research-status Report
  • [Presentation] A Detour Strategy for Visiting Phishing URLs Based on Dynamic DNS Response Policy Zone2020

    • Author(s)
      Y. Jin, M. Tomoishi and N. Yamai
    • Organizer
      2020 International Symposium on Networks, Computers and Communications (ISNCC)
    • Related Report
      2020 Research-status Report
    • Int'l Joint Research
  • [Presentation] Detection of Hijacked Authoritative DNS Servers by Name Resolution Traffic Classification2019

    • Author(s)
      Y. Jin, M. Tomoishi and S. Matsuura
    • Organizer
      2019 IEEE International Conference on Big Data (Big Data)
    • Related Report
      2019 Research-status Report
  • [Presentation] A Detection Method Against DNS Cache Poisoning Attacks Using Machine Learning Techniques: Work in Progress2019

    • Author(s)
      Y. Jin, M. Tomoishi and S. Matsuura
    • Organizer
      2019 IEEE 8th International Symposium on Network Computing and Applications (NCA)
    • Related Report
      2019 Research-status Report
  • [Presentation] Anomaly Detection by Monitoring Unintended DNS Traffic on Wireless Network2019

    • Author(s)
      Y. Jin, M. Tomoishi and N. Yamai
    • Organizer
      2019 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM)
    • Related Report
      2019 Research-status Report
  • [Presentation] A Lightweight and Secure IoT Remote Monitoring Mechanism Using DNS with Privacy Preservation2019

    • Author(s)
      Y. Jin, M. Tomoishi, K. Fujikawa and V. P. Kafle
    • Organizer
      16th IEEE Annual Consumer Communications & Networking Conference (CCNC)
    • Related Report
      2018 Research-status Report
    • Int'l Joint Research
  • [Presentation] A Client Based DNSSEC Validation Mechanism with Recursive DNS Server Separation2018

    • Author(s)
      Y. Jin, M. Tomoishi and N. Yamai
    • Organizer
      International Conference on Information and Communication Technology Convergence (ICTC)
    • Related Report
      2018 Research-status Report
    • Int'l Joint Research
  • [Presentation] A Client Based Anomaly Traffic Detection and Blocking Mechanism by Monitoring DNS Name Resolution with User Alerting Feature2018

    • Author(s)
      Y. Jin, K. Kakoi, N. Yamai, N. Kitagawa and M. Tomoishi
    • Organizer
      International Conference on Cyberworlds (CW)
    • Related Report
      2018 Research-status Report
    • Int'l Joint Research

URL: 

Published: 2018-04-23   Modified: 2025-01-30  

Information User Guide FAQ News Terms of Use Attribution of KAKENHI

Powered by NII kakenhi