DNS attack mitigation Using OpenStack Isolation. (arXiv:2106.04575v1 [cs.CR])

The Domain Name System (DNS) is essential for the Internet, giving a
mechanism to resolve hostnames into Internet Protocol (IP) addresses. DNS is
known as the world’s largest distributed database that manages hostnames and
Internet Protocol. By having the DNS, only simple names that can be easily
memorized will be used and then the domain name system will map it into the
numeric Internet Protocol addresses that are used by computers to communicate.
This research aims to propose a model for the development of a private cloud
infrastructure to host DNS. The cloud infrastructure will be created using the
OpenStack software platform where each server will be hosted separately in a
different virtual machine. Virtual network architecture will be created using
the Software Defined Networking (SDN) approach and it will be secured using
Firewall as a Service (FWaaS). By hosting DNS in private cloud infrastructure,
the DNS servers will be out of reach by attackers which will prevent DNS
attacks. Besides, available research had proven that the cloud is the best
choice for DNS. A prototype had been implemented and evaluated for its
efficiencies. The findings from the evaluation carried out shown a positive
result.