Intelligent-Driven Adapting Defense Against the Client-Side DNS Cache Poisoning in the Cloud

Title: Intelligent-Driven Adapting Defense Against the Client-Side DNS Cache Poisoning in the Cloud
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Ma, Tengchao; Xu, Changqiao; Zhou, Zan; Kuang, Xiaohui; Zhong, Lujie; Grieco, Luigi Alfredo
Conference Name: GLOBECOM 2020 - 2020 IEEE Global Communications Conference
Date Published: dec
Keywords: client-side DNS cache poisoning attack, cloud computing, Cloud Security, Computer crime, deep reinforcement learning, delays, Encryption, Games, IP networks, pubcrawl, resilience, Resiliency, Servers, Stochastic Computing Security, Stochastic game
Abstract: A new Domain Name System (DNS) cache poisoning attack aiming at clients has emerged recently. It induced cloud users to visit fake web sites and thus reveal information such as account passwords. However, the design of current DNS defense architecture does not formally consider the protection of clients. Although the DNS traffic encryption technology can alleviate this new attack, its deployment is as slow as the new DNS architecture. Thus we propose a lightweight adaptive intelligent defense strategy, which only needs to be deployed on the client without any configuration support of DNS. Firstly, we model the attack and defense process as a static stochastic game with incomplete information under bounded rationality conditions. Secondly, to solve the problem caused by uncertain attack strategies and large quantities of game states, we adopt a deep reinforcement learning (DRL) with guaranteed monotonic improvement. Finally, through the prototype system experiment in Alibaba Cloud, the effectiveness of our method is proved against multiple attack modes with a success rate of 97.5% approximately.
DOI: 10.1109/GLOBECOM42002.2020.9322430
Citation Key: ma_intelligent-driven_2020