• Search Research Projects
  • Search Researchers
  • How to Use
  1. Back to project page

2023 Fiscal Year Final Research Report

Integrated design and construction of efficient detection and terminal decontamination for DNS contamination

Research Project

  • PDF
Project/Area Number 18K11291
Research Category

Grant-in-Aid for Scientific Research (C)

Allocation TypeMulti-year Fund
Section一般
Review Section Basic Section 60070:Information security-related
Research InstitutionTokyo Institute of Technology

Principal Investigator

Tomoishi Masahiko  東京工業大学, 学術国際情報センター, 教授 (60262284)

Co-Investigator(Kenkyū-buntansha) 金 勇  東京工業大学, 学術国際情報センター, マネジメント准教授 (60725787)
Project Period (FY) 2018-04-01 – 2024-03-31
KeywordsDNS security
Outline of Final Research Achievements

We proposed a system to mitigate attacks against DNS cache. The system collects history including terminal information, extracts usage features, and performs learning, and, also performs history-based feature extraction and anomaly detection on the cache side. We designed and implemented a prototype of this system. In the process, we obtained some knowledge about security in DNS and presented our research. Specifically, we found that the security of communication between the terminal and the resolver is necessary to ensure the security of the DNS, we also developed a method to keep a history of name-drawing for each application in the terminal, and to use the name-drawing of security devices that use DNS by using the DNS standard functions, the research presented a method to reduce the load on security equipment as well as to inspect the name-drawing of security equipment using DNS at the time of relay.

Free Research Field

Network management

Academic Significance and Societal Importance of the Research Achievements

DNSのに対する攻撃について考える上で、端末毎やさらにアプリケーション毎に名前引きの内容を詳細化して検討する手法についての構成を複数提案し、サンプル実装を行った。端末内の名前引きを詳細化にすることはOS毎に違い、また、見えづらいため、このような前例は、こういったアプローチのきっかけになっている。また、その情報を集約し、具体的に利用することについても、プロトタイプまでは行っており、実装への目処はつけた。
周辺成果として発表した、ファイアウォールでの悪性サイトの検査負荷を、DNSを用いて、遅延させたり、オンディマンドにさせる手法については、今後の発展が期待できる。

URL: 

Published: 2025-01-30  

Information User Guide FAQ News Terms of Use Attribution of KAKENHI

Powered by NII kakenhi