Abstract: DNS is a critical component of the operation of Internet applications. The Internet is greatly affected if DNS is attacked. DNS spoofing is one of the most popular attack means with the character of high dormancy and good attack effection. But so far, little is done to defend the systerm against this attack. Three methods are presented to detect DNS spoofing attack, and then another three techniques are proposed to identify the bogus packets and the right ones to ensure DNS service even attacked.

Key words: Domain name system (DNS), DNS spoofing, Attack detection

摘要： DNS是目前大部分网络应用的基础，对它的攻击将影响整个Internet的正常运转。DNS欺骗攻击是攻击者常用的手法，它具有隐蔽性强、打击面广、攻击效果明显的特点，但是目前对这种攻击还没有好的防范策略。在分析DNS欺骗原理的基础上提出了3种攻击检测手段和3种识别攻击包的方法，对于提高DNS的安全性和抗攻击性具有积极的作用。

关键词: DNS, DNS欺骗, 攻击检测

CLC Number: 

• TP393.08