摘要
域名系统为互联网的应用提供域名与IP地址的相互转换服务,是互联网的重要基础设施。DNS的安全是互联网稳定运行的保障,也是互联网安全研究的重要内容。现有研究主要通过设计增强协议、监测机制和使用方法来提高DNS系统的安全防护能力,但近期的DNS攻击事件表明,DNS安全依然存在很多极具挑战性的问题没有解决。从安全增强、行为监测和隐私保护等方面对现有成果和挑战问题进行了总结和讨论。
The domain name system is a critical component of the Internet infrastructure, which maps host names to IP ad-dresses and is involved in most Internet transactions. DNS security has a profound effect on the overall security of Internet and it is also a vital research content of Internet security. In order to improve the security capability of DNS, many enhanced protocols, monitoring mechanisms and best practices were proposed. But recent DNS attack events indicate there are still many recent major research challenges of DNS security problems. The existing achievements and challenges were summarized and discussed, which included security enhanced, behavior monitoring and privacy protection.
作者
胡宁
邓文平
姚苏
HU Ning DENG Wen-ping YAO Su(School of Computer, National University of Defense Technology, Changsha 410073, China School of Electronics and Information Engineering, Beijing Jiaotong University, Beijing 100044, China)
出处
《网络与信息安全学报》
2017年第3期13-21,共9页
Chinese Journal of Network and Information Security
基金
国家自然科学基金资助项目(No.61202486)~~