research-article

Security issues related with DNS dynamic updates for mobile nodes: a survey

Authors:

Sadaf Yasmin,

Muhammad Yousaf,

Amir QayyumAuthors Info & Claims

FIT '10: Proceedings of the 8th International Conference on Frontiers of Information Technology

Article No.: 17, Pages 1 - 6

https://doi.org/10.1145/1943628.1943645

Published: 21 December 2010 Publication History

Get Access

Abstract

In today's heterogeneous wireless environment mobile nodes can move across different networks. This movement can cause to change the IP address of the mobile node thus, making it unreachable for other nodes in the network. In order to be available for other nodes, mobile node needs some location management mechanism. DNS dynamic updates have been proposed to be used as location manager for many transport layer mobility management protocols. Although secure dynamic DNS updates are used for location management however, we have found that these secure updates are also susceptible to certain security issues. In this paper, we have highlighted many of these issues and discussed solutions that address these security issues. It has also been found that many of these attacks are interdependent on each other.

References

[1]

Albitz, P., Liu C., "DNS and BIND", O'Reilly and Associates, Sebastopol, 4th edition, April 2001

Digital Library

Google Scholar

[2]

Eastlake, D., RFC 2535: Domain Name System Security Extensions, Internet Engineering Task Force, March 1999

Digital Library

Google Scholar

[3]

Eastlake, D. RFC 2930: Secret key establishment for DNS (TKEY RR), IETF, September 2000

Digital Library

Google Scholar

[4]

Eronen, P. and Sars, J., "Applying decentralized trust management to DNS dynamic updates", In Proceedings of the NordU/USENIX, Stockholm, Sweden 2011

Google Scholar

[5]

Funato, D. et al., "TCP-R: TCP mobility support for continuous operation", In Proceedings of International Conference on Network Protocols, 1997, 229--236

Digital Library

Google Scholar

[6]

Hsieh, H., et al., "An end-to-end approach for transparent mobility across heterogeneous wireless networks", Mobile Networks and Applications Volume 9, Issue 4 (August 2004) Pages: 363--378

Digital Library

Google Scholar

[7]

Ramaswamy, C. and Scoot, R., "Secure domain name system (DNS) deployment guide", Draft National Institute of standards and Technology NIST Special Publication 800--81 April 11, 2005

Google Scholar

[8]

Robert, J., "Dynamic DNS and Location Tracking -- Risks and benefits", Craic Computing Technical Report, 2006

Google Scholar

[9]

Tsukamoto, K. et al., "Vertical Handover Management Scheme Using Multiple TCP Connections for Heterogeneous Networks", In Proceedings of WiNTECH'07, Montr éal, Québec, Canada, 2007

Digital Library

Google Scholar

[10]

Vixie, P., Thomson, S., Rekhter, Y. and Vound, J., RFC2136: Dynamic Update in the Domain Name Systems, Internet Engineering Task Force, April 1997

Google Scholar

[11]

Vixie, P. et al., RFC 2845: Secret Key Transmission Authentication for DNS (TSIG), Internet Engineering Task Force, May 2000

Google Scholar

[12]

Wang, X., Huang, Y., Desmedt, Y. and Rine, D., "Enabling secure on-line DNS dynamic update", In Proceedings of 16th Annual Computer Security Applications Conference (ACSAC'00), 2000

Digital Library

Google Scholar

[13]

Wellington, B. RFC 3007: Secure Domain Name System (DNS) Dynamic Update, Internet Engineering Task Force, November 2000

Digital Library

Google Scholar

[14]

Wu, Y., Le, Y., Zhang, D., "An Improved TCP Migrate Scheme with DNS Handover Assistant for End-to-End Mobility", ICC apos;07. 24--28 June 2007 Page(s):1923--1928

Google Scholar

Cited By

View all

Cazarotto Pda Costa Cda Rosa Righi RBarbosa J(2012)Efficient combination of DNS, P2P and mobile devices for improving commerce between supliers and consumers2012 XXXVIII Conferencia Latinoamericana En Informatica (CLEI)10.1109/CLEI.2012.6427232(1-8)Online publication date: Oct-2012
https://doi.org/10.1109/CLEI.2012.6427232
Srivastava AMisra A(2012)Plugging DHCP Security Holes Using S-DHCPAdvances in Computing and Information Technology10.1007/978-3-642-31513-8_23(227-238)Online publication date: 2012
https://doi.org/10.1007/978-3-642-31513-8_23

Index Terms

Security issues related with DNS dynamic updates for mobile nodes: a survey
1. Networks
  1. Network protocols

Recommendations

RFC 6731: Improved Recursive DNS Server Selection for Multi-Interfaced Nodes
Securing DNS: Extending DNS Servers with a DNSSEC Validator

DNS Security Extensions (DNSSEC) is a proposed standard for securely authenticating information in the Domain Name System. DNSSEC validators check the digital signatures on DNS data. However, designing a validator worth the operational costs is a ...
A framework for DNS naming services for Internet-of-Things devices
Abstract
This paper proposes a new naming framework for Domain Name System (DNS) Name Autoconfiguration (called DNSNA) for Internet of Things (IoT) devices in Internet Protocol (IP) version 6 (IPv6) and IP version 4 (IPv4) networks. As the ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

FIT '10: Proceedings of the 8th International Conference on Frontiers of Information Technology

December 2010

281 pages

ISBN:9781450303422

DOI:10.1145/1943628

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SIGAI: ACM Special Interest Group on Artificial Intelligence

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 December 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

FIT '10

Sponsor:

FIT '10: 8th International Conference on Frontiers of Information Technology

December 21 - 23, 2010

Islamabad, Pakistan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
250
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Cazarotto Pda Costa Cda Rosa Righi RBarbosa J(2012)Efficient combination of DNS, P2P and mobile devices for improving commerce between supliers and consumers2012 XXXVIII Conferencia Latinoamericana En Informatica (CLEI)10.1109/CLEI.2012.6427232(1-8)Online publication date: Oct-2012
https://doi.org/10.1109/CLEI.2012.6427232
Srivastava AMisra A(2012)Plugging DHCP Security Holes Using S-DHCPAdvances in Computing and Information Technology10.1007/978-3-642-31513-8_23(227-238)Online publication date: 2012
https://doi.org/10.1007/978-3-642-31513-8_23

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

RFC 6731: Improved Recursive DNS Server Selection for Multi-Interfaced Nodes

Securing DNS: Extending DNS Servers with a DNSSEC Validator

A framework for DNS naming services for Internet-of-Things devices