4 research outputs found
TI-DNS: A Trusted and Incentive DNS Resolution Architecture based on Blockchain
Domain Name System (DNS) is a critical component of the Internet
infrastructure, responsible for translating domain names into IP addresses.
However, DNS is vulnerable to some malicious attacks, including DNS cache
poisoning, which redirects users to malicious websites displaying offensive or
illegal content. Existing countermeasures often suffer from at least one of the
following weakness: weak attack resistance, high overhead, or complex
implementation. To address these challenges, this paper presents TI-DNS, a
blockchain-based DNS resolution architecture designed to detect and correct the
forged DNS records caused by the cache poisoning attacks in the DNS resolution
process. TI-DNS leverages a multi-resolver Query Vote mechanism to ensure the
credibility of verified records on the blockchain ledger and a stake-based
incentive mechanism to promote well-behaved participation. Importantly, TI-DNS
is easy to be adopted as it only requires modifications to the resolver side of
current DNS infrastructure. Finally, we develop a prototype and evaluate it
against alternative solutions. The result demonstrates that TI-DNS effectively
and efficiently solves DNS cache poisoning