{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T07:45:47Z","timestamp":1763451947434,"version":"3.45.0"},"reference-count":25,"publisher":"Wiley","issue":"6","license":[{"start":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T00:00:00Z","timestamp":1758758400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["Security and Privacy"],"published-print":{"date-parts":[[2025,11]]},"abstract":"<jats:title>ABSTRACT<\/jats:title>\n                  <jats:p>\n                    The Domain Name System (DNS) serves an important role in accessing and managing domain names. Despite its importance, DNS is vulnerable to numerous network\u2010based attacks such as Distributed Denial\u2010of\u2010Service (DDoS) attacks. While existing defense mechanisms such as filtering, load balancing, and DNSSEC address parts of the problem, they often rely on detection\u2010based models or centralized server architectures that introduce single points of failure. In this paper, we propose an approach to enhance DNS security by adopting Redundant Array of Independent Disks (RAID) technology\u2014specifically, a RAID 5\u2010like configuration adapted to DNS server architecture. Unlike previous approaches, our method treats DNS records like data blocks in a RAID system, distributing them across three independent DNS servers with XOR\u2010based parity encoding to ensure fault tolerance and data recovery. This design introduces proactive, infrastructure\u2010level redundancy to DNS systems, enabling them to continue functioning seamlessly even when one server is attacked or goes offline. We developed a custom DNS environment to implement and evaluate the proposed design under both normal and DDoS attack scenarios. Experimental results demonstrate that the system effectively mitigates data loss and maintains DNS service availability even under attack conditions. If one server is attacked or damaged, the other servers continue to resolve IP addresses without disruption. The results indicate that while the time taken to process multiple DNS requests slightly increases compared to a single DNS operation, the time required to recover from a DDoS attack using a single\u2010server setup is significantly longer\u2010potentially hours or days. Experimental results show that under normal conditions, the average DNS response time remains under 1\u2009s, even with multiple concurrent requests. During a DDoS attack, although the processing time increases, the system continues operating without service disruption due to redundancy and load balancing across multiple servers. By integrating RAID\u2010like principles into DNS server design\u2014a concept not previously\n                    <jats:italic>applied in this context<\/jats:italic>\n                    \u2014this work presents a novel, infrastructure\u2010resilient solution for mitigating DDoS attacks. This solution enhances DNS robustness without relying on complex machine learning models or specialized network hardware, making it scalable and cost\u2010effective for real\u2010world deployment.\n                  <\/jats:p>","DOI":"10.1002\/spy2.70085","type":"journal-article","created":{"date-parts":[[2025,9,26]],"date-time":"2025-09-26T06:09:36Z","timestamp":1758866976000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A Redundant Array of Independent Disks (\n                    <scp>RAID<\/scp>\n                    )\u2010Inspired Framework for Robust Domain Name System (\n                    <scp>DNS<\/scp>\n                    ) Security: Mitigating Distributed Denial\u2010of\u2010Service (\n                    <scp>DDoS<\/scp>\n                    ) Attacks Through Distributed Data Encoding and Redundancy"],"prefix":"10.1002","volume":"8","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-0262-1916","authenticated-orcid":false,"given":"Rima","family":"Masri","sequence":"first","affiliation":[{"name":"College of Engineering, Al Ain University  Abu Dhabi UAE"},{"name":"College of Computing and Mathematical Sciences, Khalifa University  Abu Dhabi UAE"}]},{"given":"Sahel","family":"Alouneh","sequence":"additional","affiliation":[{"name":"College of Engineering, Al Ain University  Abu Dhabi UAE"},{"name":"German Jordanian University  Amman Jordan"}]},{"given":"Bayan Abu","family":"Shawar","sequence":"additional","affiliation":[{"name":"College of Engineering, Al Ain University  Abu Dhabi UAE"}]}],"member":"311","published-online":{"date-parts":[[2025,9,25]]},"reference":[{"key":"e_1_2_8_2_1","unstructured":"L.Zelleke \u201cWhat Is DNS Hierarchy Architecture With Examples (Explained) \u201dCloud Infrastructure Services accessed July 3 2023 https:\/\/cloudinfrastructureservices.co.uk\/what\u2010is\u2010dns\u2010hierarchy\/."},{"key":"e_1_2_8_3_1","unstructured":"\u201cDNSSEC\u2014What Is It and Why Is It Important? \u201dICANN accessed July 7 2023 https:\/\/www.icann.org\/resources\/pages\/dnssec\u2010what\u2010is\u2010it\u2010why\u2010important\u20102019\u201003\u201005\u2010en."},{"volume-title":"DNS Security Extensions (DNSSEC), Request for Comments RFC 9364","year":"2023","author":"Hoffman P. E.","key":"e_1_2_8_4_1"},{"key":"e_1_2_8_5_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13388\u2010015\u20100023\u2010y"},{"volume-title":"DNS Security: Defending the Domain Name System","year":"2016","author":"Liska A.","key":"e_1_2_8_6_1"},{"key":"e_1_2_8_7_1","first-page":"1","article-title":"RAID\u2010Based Storage Systems","volume":"180","author":"Khawatreh S.","year":"2018","journal-title":"International Journal of Computer Applications"},{"key":"e_1_2_8_8_1","unstructured":"M.Tomaszek \u201cWhat is RAID and How Does it Work? \u201daccessed August 21 2023 https:\/\/storware.eu\/blog\/what\u2010is\u2010raid\u2010and\u2010how\u2010does\u2010it\u2010work\/."},{"key":"e_1_2_8_9_1","doi-asserted-by":"publisher","DOI":"10.1088\/1757\u2010899X\/327\/2\/022087"},{"key":"e_1_2_8_10_1","unstructured":"\u201cWhat Is RAID 5? Definition From TechTarget \u201dSearch Storage accessed July 8 2025 https:\/\/www.techtarget.com\/searchstorage\/definition\/RAID\u20105\u2010redundant\u2010array\u2010of\u2010independent\u2010disks."},{"key":"e_1_2_8_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/50202.50214"},{"key":"e_1_2_8_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2021.3050091"},{"key":"e_1_2_8_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2007.42"},{"key":"e_1_2_8_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICTC.2016.7763485"},{"key":"e_1_2_8_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.18"},{"key":"e_1_2_8_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2017.8170802"},{"key":"e_1_2_8_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-45882-8_23"},{"key":"e_1_2_8_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCUBEA.2018.8697702"},{"key":"e_1_2_8_19_1","doi-asserted-by":"publisher","DOI":"10.1155\/2019\/1574749"},{"key":"e_1_2_8_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2025.110226"},{"key":"e_1_2_8_21_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJICA.2024.143395"},{"key":"e_1_2_8_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.csa.2024.100037"},{"key":"e_1_2_8_23_1","doi-asserted-by":"publisher","DOI":"10.1002\/spy2.70021"},{"key":"e_1_2_8_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/WiSPNET57748.2023.10134518"},{"key":"e_1_2_8_25_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2023.103259"},{"key":"e_1_2_8_26_1","doi-asserted-by":"publisher","DOI":"10.1049\/icp.2024.0964"}],"container-title":["SECURITY AND PRIVACY"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/spy2.70085","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T07:42:17Z","timestamp":1763451737000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/spy2.70085"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,25]]},"references-count":25,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2025,11]]}},"alternative-id":["10.1002\/spy2.70085"],"URL":"https:\/\/doi.org\/10.1002\/spy2.70085","archive":["Portico"],"relation":{},"ISSN":["2475-6725","2475-6725"],"issn-type":[{"type":"print","value":"2475-6725"},{"type":"electronic","value":"2475-6725"}],"subject":[],"published":{"date-parts":[[2025,9,25]]},"assertion":[{"value":"2025-04-15","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-08-10","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-09-25","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"e70085"}}