ScienceAsia 42S(2016): 49-55 |doi:
Model checking the DNS under DNS cache-poisoning attacks using SPIN
Wei Zhanga,b,*, Meihong Yanga, Xinchang Zhanga, Huiling Shia
ABSTRACT: Domain name system (DNS) security has garnered substantial interest due to DNS cache-poisoning attacks. In this article, a model checking method is employed to verify the security of the DNS protocol, especially when it is under DNS cache-poisoning attacks. The DNS protocol is first translated into a simpler model that preserves all the attack behaviour to be verified. Extended finite state machine models are given and represented in PROMELA which can be identified by SPIN; and then the whole process of model checking is proposed. The initial results on verification of the DNS under DNS cache-poisoning attacks using SPIN are also proposed. From the experimental results it can be seen that the security of DNS should be carefully considered.
||Shandong Key Laboratory of Computer Networks, Shandong Computer Science Centre (National Supercomputer Centre in Jinan), Jinan 250000, China
||College of Information Science and Engineering, Shandong University of Science and Technology, Qingdao 266510, China
* Corresponding author, E-mail: firstname.lastname@example.org
Received 7 Jun 2017, Accepted 0 0000