Research

Computer Sciences and Information Technology

Title :

SAFE DNS: Securing Against Fraudulent Entries in the Domain Name System

Area of research :

Computer Sciences and Information Technology

Principal Investigator :

Prof. Tamal Das, Indian Institute Of Technology (IIT) Dharwad, Karnataka

Timeline Start Year :

2024

Timeline End Year :

2027

Contact info :

Equipments :

Details

Executive Summary :

Digital communication has made users more vulnerable to online threats, with phishing and spoofing attacks causing ransomware losses of $44,213,707 and $82,169,806, respectively. In 2022, the FBI ICR reported an increased loss of $10.3 billion. In 2021-22, 88% of organizations worldwide experienced DNS attacks. Phishing involves directing users to malicious web pages that are visually similar to legitimate ones, using fraud emails and messages. Defense mechanisms exist to overcome phishing attacks, but attackers have resorted to sophisticated pharming attacks that alter the local Domain Name System (DNS) cache with fraudulent IP entries. The DNS was originally designed for scalability, but security was an afterthought, making it susceptible to attacks like cache poisoning, spoofing, tunneling, DoS, and DDoS. Existing defense mechanisms include content-based similarity and visual similarity between the local DNS response and the publicly available legitimate web page. The IETF proposed a DNSSEC suite extension to overcome these attacks, but it is too complex to deploy, prone to DDoS attacks, and does not provide confidentiality. A browser plug-in and a daemon process are proposed to check if the local DNS response web page domain name matches any entries in the host file. Two approaches are proposed: web page content comparison and web page screenshot comparison. Additionally, a confidentiality triad to the DNSSEC is proposed to provide privacy to data. These approaches would prohibit redirections from the local system to malicious web pages, thereby securing user's sensitive information.

Total Budget (INR):

 46,44,024

Organizations involved

Implementing Agency :

Indian Institute Of Technology (IIT) Dharwad, Karnataka

Funding Agency :

Anusandhan National Rsearch Foundation (ANRF)/Science and Engineering Research Board (SERB)

Source :

Anusandhan National Research Foundation/Science and Engineering Research Board (SERB), DST 2023-24

Related Research

Spatial and temporal monitoring of Indian urban dynamics from satellite images using deep learning
Tracking, Preventing and Controlling COVID-19 through Android App
Mathematical Modeling of COVID-19 Corona virus
Social Distancing Sensor
Empowering the students with enhanced immunity, will power through creative visualisation and Neuro Linguistic Programming