Hypervisor-based security architecture for validating DNS services (Poster)

Dilshan Jayarathna, Udaya Tupakula, Vijay Varadharajan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

2 Citations (Scopus)

Abstract

Domain Name System (DNS) is one of the critical services in the current Internet infrastructure. However DNS is vulnerable to a range of attacks. One of the fundamental weaknesses with the existing DNS protocols is that the request and response messages are transmitted on the network as plain text. This paper addresses important threats related to Doman Name System (DNS) using a hypervisor based security architecture. The proposed architecture leverages the hypervisor visibility of the virtual machines' traffic flows to monitor and utilise Virtual Machine Introspection (VMI) techniques to inspect and restore data. It also uses inbuilt snapshot/restore capabilities of the hypervisor to completely restore virtual machines if required. Objective of the proposed architecture is not to actively prevent attacks, but provide a means of identifying different attacks by passively monitoring DNS related conversations coming in and out of virtualised system hosting the DNS. Our model can alert the external monitoring agent(s) or security administrator and actively restore the system if the attack has already compromised the DNS.

Original languageEnglish
Title of host publicationInformation Security 2014 - Proceedings of the Twelfth Australasian Information Security Conference, AISC 2014
EditorsUdaya Parampalli, Ian Welch
Place of PublicationSydney, Australia
PublisherAustralian Computer Society
Pages83-86
Number of pages4
Volume149
ISBN (Print)9781921770326
Publication statusPublished - 2014
EventTwelfth Australasian Information Security Conference, AISC 2014 - Auckland, New Zealand
Duration: 20 Jan 201423 Jan 2014

Other

OtherTwelfth Australasian Information Security Conference, AISC 2014
CountryNew Zealand
CityAuckland
Period20/01/1423/01/14

Fingerprint Dive into the research topics of 'Hypervisor-based security architecture for validating DNS services (Poster)'. Together they form a unique fingerprint.

  • Cite this

    Jayarathna, D., Tupakula, U., & Varadharajan, V. (2014). Hypervisor-based security architecture for validating DNS services (Poster). In U. Parampalli, & I. Welch (Eds.), Information Security 2014 - Proceedings of the Twelfth Australasian Information Security Conference, AISC 2014 (Vol. 149, pp. 83-86). Sydney, Australia: Australian Computer Society.