{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,20]],"date-time":"2025-07-20T04:21:14Z","timestamp":1752985274135},"reference-count":27,"publisher":"Engineering and Technology Publishing","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["jcm"],"published-print":{"date-parts":[[2020]]},"abstract":"<jats:p>Global DNS infrastructure is a major component for the services exposed in the internet. The purpose of the study is understanding the cyber security status of DNS ecosystem. As part of the research, a statistical analysis based on vulnerability repositories has been created to provide a view toward the level of DNS security in general. It can help organizations to understand, assess and mitigate DNS risks. It's made short review of most used attacks against DNS and mitigation: amplification, reflection, floods, DNS exploits, and analysis for the DNS security incidents trend. The statistics implicitly reflect the degree of adoption of new DNS security standards and technologies.<\/jats:p>","DOI":"10.12720\/jcm.15.10.722-728","type":"journal-article","created":{"date-parts":[[2020,12,29]],"date-time":"2020-12-29T06:43:57Z","timestamp":1609224237000},"page":"722-728","source":"Crossref","is-referenced-by-count":1,"title":["The Impacts of DNS Protocol Security Weaknesses"],"prefix":"10.12720","author":[{"name":"University of Librarian Studies and Information Technologies, Sofia, 1784, Bulgaria","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Willian A.","family":"Dimitrov","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Galina S.","family":"Panayotova","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"4977","published-online":{"date-parts":[[2020]]},"reference":[{"key":"ref0","doi-asserted-by":"publisher","unstructured":"[1] F. Zou, S. Zhang, W. Rao, and P. Yi, \"Detecting malware based on DNS graph mining,\" International Journal of Distributed Sensor Networks, vol. 2015, pp. 1-12, 2015.","DOI":"10.1155\/2015\/102687"},{"key":"ref1","unstructured":"[2] R. Trifonov, G. Pavlova, R. Yoshinov, and B. Jekov, \"Methodology for assessment of open data,\" International Journal of Computers, vol. 2, pp. 28-37, 2017."},{"key":"ref2","doi-asserted-by":"publisher","unstructured":"[3] J. Bushart and C. Rossow, \"Dns unchained: Amplified application-layer dos attacks against dns authoritatives,\" in Research in Attacks, Intrusions, and Defenses, M. Bailey, T. Holz, M. Stamatogiannakis, and S. Ioannidis, Eds. Cham: Springer International Publishing, 2018, pp. 139-160.","DOI":"10.1007\/978-3-030-00470-5_7"},{"key":"ref3","unstructured":"[4] M. K. Speaker. (2019). Early Detection of Malicious Activity-How Well Do You Know Your DNS? RSA Conference. [Online]. Available: https:\/\/-www.rsaconference.com\/videos\/early-detection-of-malicious-activityhow-well-do-you-know-your-dns"},{"key":"ref4","unstructured":"[5] S. K. Tim Mather and S. Latif, Cloud Security and Privacy, S. K. Copyright \u0412\u00a9 2009 Tim Mather and S. Latif, Eds. O'Reilly Media, Inc., 1005 Gravenstein Highway North, Se-bastopol, CA 95472, 2009."},{"key":"ref5","unstructured":"[6] Tripware. (2014) Unbalanced Security is Increasing Your Attack Surface the State of Security. [Online]. Available: https:\/\/www.tripwire.com\/state-of-security\/featured\/-unbalanced-security-increasing-attack-surface-2"},{"key":"ref6","unstructured":"[7] P. Vixie. (2018) Benefits of DNS Service Locality. [Online]. Available: https:\/\/\u00acwww.darkreading.com\/\u00acvulnerabilities-threats\/-benefits-of-dns-service-locality\/\u00aca\/\u00acd-id\/\u00ac1333088"},{"key":"ref7","unstructured":"[8] B. Jekov, P. Petkova, and E. Shoikova, \"Blockchain in the Telecom Industry,\" in Proc. XXVI Conference Telecom, Sofia, Bulgaria, 2018, pp.110-115"},{"key":"ref8","doi-asserted-by":"publisher","unstructured":"[9] B. Jekov, P. Petkova, E. Shoikova, and S. Denchev, \"Conceptual modeling of DLT and Blockchain for transforming public administration,\" in Proc ICERI 2018, Seville, Spain, 2018.","DOI":"10.21125\/iceri.2018.2527"},{"key":"ref9","unstructured":"[10] G. P. Dimitrov and G. Panayotova, \"Aspects of website optimization,\" in Proc. Union os Scientist - Ruse, Book 5, Mathematics, Informatics and Physics, 2015, pp. 106-114."},{"key":"ref10","doi-asserted-by":"publisher","unstructured":"[11] G. Panayotova and G. P. Dimitrov, \"Modeling and data processing of information systems,\" in Proc. International Conference on Artificial Intelligence and Pattern Recognition, Sept. 19-21, 2016.","DOI":"10.1109\/ICAIPR.2016.7585229"},{"key":"ref11","doi-asserted-by":"publisher","unstructured":"[12] X. Lin, L. Lei, Y. Wang, J. Jing, K. Sun, and Q. Zhou, \"A measurement study on linux container security: Attacks and countermeasures,\" in Proc. 34th Annual Computer Security Applications Conference, New York, NY, USA: ACM, 2018, pp. 418-429.","DOI":"10.1145\/3274694.3274720"},{"key":"ref12","unstructured":"[13] ENISA Threat Landscape Report 2018. 15 Top Cyberthreats and Trends. Final Version 1.0, ETL 2018, January 2019."},{"key":"ref13","unstructured":"[14] INFOBLOX. (2015). Understanding NXDOMAIN Attack Methods. [Online]. Available: https:\/\/\u00acblogs.infoblox.com\/\u00accompany\/\u00acunderstanding-nxdomain-attack-methods"},{"key":"ref14","unstructured":"[15] D. Kaminsky, Black Ops of DNS. InBlack Hat Briefings, LasVegas, NV, USA, July 2004."},{"key":"ref15","unstructured":"[16] S. Hao, Y. Zhang, and H. Wang, \"University of delaware; angelos stavrou, end-users get maneuvered: Empirical analysis of redirection hijacking in content delivery networks, george mason university,\" in Proc. 27th USENIX Security Symposium, Baltimore, MD, USA, August 15-17, 2018."},{"key":"ref16","doi-asserted-by":"publisher","unstructured":"[17] D. Fifield, C. Lan, R. Hynes, P. Wegmann, and V. Paxson, \"Blocking-resistant communication through domain fronting,\" Proc. on Privacy Enhancing Technologies, vol. 2015, no. 2, pp. 1-19, 2015.","DOI":"10.1515\/popets-2015-0009"},{"key":"ref17","unstructured":"[18] M. Dunwoody and N. Carr. (September 27, 2016). No Easy Breach DerbyCon 2016."},{"key":"ref18","unstructured":"[19] Threat Brief: Understanding Domain Generation Algorithms (DGA). [Online]. Available: https:\/\/unit42.paloaltonetworks.com\/threat-brief-understanding-domain-generation-algorithms-dga\/"},{"key":"ref19","unstructured":"[20] C. Hoffman, D. Johnson, B. Yuan, and P. Lutz, \"A covert channel in TTL field of DNS packets,\" in Proc. International Conference on Security and Management, Las Vegas, NV, USA, July 2011."},{"key":"ref20","unstructured":"[21] 86,600+ malicious COVID-19 domains registered in seven weeks. (2020). [Online]. Available: https:\/\/disruptive.asia\/malicious-covid-19-domains-registered\/"},{"key":"ref21","unstructured":"[22] [Online]. Available: https:\/\/www.slideshare.net\/MatthewDunwoody1\/no-easy-breach-derby-con-2016"},{"key":"ref22","doi-asserted-by":"publisher","unstructured":"[23] J. Happa, M. Glencross, and A. Steed, \"Cyber security threats and challenges in collaborative mixed-reality,\" Frontiers in ICT, vol. 6, Apr. 2019.","DOI":"10.3389\/fict.2019.00005"},{"key":"ref23","doi-asserted-by":"publisher","unstructured":"[24] A. Davenport, S. Shetty, and X. Liang, \"Attack surface analysis of permissioned blockchain platforms for smart cities,\" in Proc. IEEE International Smart Cities Conference (ISC2), Sep. 2018.","DOI":"10.1109\/ISC2.2018.8656983"},{"key":"ref24","unstructured":"[25] A. Andrei, Hacking Humans: The Evolving Paradigm with Virtual Reality, 2019."},{"key":"ref25","unstructured":"[26] ICS. (2019). Building DNS Firewalls with Response Policy Zones (RPZ) - BIND 9. [Online]. Available: https:\/\/kb.isc.org\/docs\/aa-00525"},{"key":"ref26","unstructured":"[27] Krebson Security. (2019, 8) Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com - Krebs on Security. [Online]. Avail-able: https:\/\/\u00ackrebsonsecurity.com\/\u00ac2019\/\u00ac01\/\u00acbomb-threat-sextortion-spammers-abused-weakness-at-godaddy-com"}],"container-title":["Journal of Communications"],"original-title":[],"link":[{"URL":"http:\/\/www.jocm.us\/uploadfile\/2020\/0911\/20200911052236524.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,24]],"date-time":"2021-11-24T07:27:57Z","timestamp":1637738877000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.jocm.us\/show-245-1596-1.html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"references-count":27,"URL":"https:\/\/doi.org\/10.12720\/jcm.15.10.722-728","relation":{},"ISSN":["1796-2021"],"issn-type":[{"type":"print","value":"1796-2021"}],"subject":[],"published":{"date-parts":[[2020]]}}}