| Popis: |
With the gradual evolution of the traditional Internet to “Internet+”, the domain name system (DNS) had been continuously expanding from basic address resolution to new models such as comprehensive perception and reliable transmission.Due to the diverse functions and the extensive coverage of DNS in the new scenario, it will cause serious consequences once attacked.Therefore, the research on DNS attack detection and security protection continues and attracts more and more attention.Firstly, several common DNS attacks were introduced, including DNS spoofing, DNS covert channel, DNS distributed denial of service (DDoS) attack, DNS reflection amplification attacks, and malicious DGA domain names.Subsequently, these DNS attack detection technologies were systematically analyzed and summarized from the machine learning perspective.Then, the DNS security protection technologies were sorted out in decentralization, authenticated encryption and limited resolution.Finally, some future research directions were proposed. |
