Professional Documents
Culture Documents
fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
ABSTRACT The inseparable internet requirements and the endless stream of cyber-attacks have led to
strong demand for trusted IP addresses. However, the existing collaborative DNS security schemes have the
defects of low credibility and imperfect incentive mechanism. Enlightened by the Consortium blockchain
technology, we propose a novel DNS Cache Resources Trusted Sharing Model, which can improve the
credibility of DNS resolution results by establishing a complete chain of trust. Firstly, the consortium
blockchain is introduced as the carrier of the peer-to-peer network to reduce the impact of illegal access and
complicity tampering on the DNS cache credibility; Secondly, the evaluation index of the node credibility
in the DNS cache sharing model is proposed, and the trust-based incentive mechanism is designed to reduce
the impact of free-riding behavior and on the trusted performance of the system. The two indicators of node
abnormal behavior similarity and roundtrip time between nodes are used to comprehensively evaluate the
degree of recommendation of the node and serve as the basis for dynamic scheduling; Finally, we use the
stochastic distributed decentralized storage mechanism to solve the problem of low efficiency in the
consortium blockchain. The simulation results show that the model has certain advantages in ensuring the
credibility of domain name resolution results, and maintains the ideal efficiency while ensuring trust.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
DNS cache poisoning attacks. H. Sun et al. [11] proposed the in the alliance. Network access is generally accessed
DepenDNS protocol, but Alfardan et al. [12] found that it through the gateway nodes of the member institutions, and
was weaker against DNS spoofing attacks. the consensus process is controlled by pre-selected nodes.
After studying the existing advanced solutions, we found The public can consult and trade, and a consortium license
that they did not consider the system may be subject to is required to verify the transaction or issue a smart contract.
internal attacks, and there is room for improvement in the Therefore, to a limited extent, only authorized nodes and
ability to resist cache poisoning attacks. To deal with these users can participate in the execution of transactions and
problems, we propose a DNS Cache Resources Trusted smart contracts, and any anonymous node or unauthorized
Sharing Model based on consortium blockchain to achieve user is denied service. With the advent of the FISCO BCOS
high credibility of domain name resolution results. The main [15], Ethereum Quorum [16], and Hyperledger Fabric [17],
contributions are as follows: consortium blockchain has become very popular and has
1) We propose to introduce the consortium blockchain into attracted more interest and investment in the world.
the peer-to-peer network collaboration system for forgery
detection, and design an identity-based access control system B. OVERVIEW OF APPLICATIONS OF BLOCKCHAIN IN
to eliminate potential threats caused by untrusted nodes. At TRUSTED SHARING MODEL
the same time, the model is divided according to the access In this section, we focus on several strategies to build a
interest of the consortium members, which improves the trusted sharing model based blockchain and point out their
reuse rate of the cached data. differences with our trusted sharing model for DNS caching.
2) We propose a method for calculating the credibility of Zhang et al. [18] proposed a distributed data security
DNS resolution nodes, which can evaluate the behavior of sharing and storage system solution for vehicle self-
malicious or later subverted nodes, and avoid them from organizing network. In DSSCB, when the vehicle node
further affecting the system. Moreover, based on the level of uploads the collected data, the integrity and security of the
credibility, a dynamic scheduling mechanism is implemented data can be guaranteed by digital signature technology, and
to motivate nodes to perform their own security upgrades. the data coin is used to motivate the vehicle participating in
3) We design a Stochastic Distributed Decentralized the data sharing. This solution effectively improves the
Storage Algorithm (SDDSA) to group members in the same VANET identity validity and message reliability issues.
federation, which provided conditions for further However, the data coins incentive method in this solution
implementing the multi-channel coroutine processing scheme does not bring intuitive benefits to sharers. In our solution,
of DNS cache resources so that the DNSTSM system trusted sharers can obtain safe, and efficient service.
satisfies the domain name resolution scenario for low latency Li et al. [19] proposed Meta-key, a data-sharing
and high-reliability requirements. mechanism that enables users to share their encrypted data
The structure of this paper is as follows: The second part under a blockchain-based distributed storage architecture.
introduces the consortium blockchain technology and the For the blockchain expansion problem, the scheme only
related research progress of the current blockchain in the extracts and stores some metadata, and the data and
sharing model field. In the third part, we introduce our metadata are encrypted by the data owner. The solution
trusted sharing model. The fourth part analyzes security and enables lightweight, secure storage and easy key
performance. We give the conclusion in the fifth part. management. We also use lightweight data storage, but our
solution validates the data before it is stored.
II. RELATED WORK Yang et al. [20] proposed a Differentially Private Data
In this section, we present a brief review of the consortium Sharing scheme based on the blockchain. The solution
blockchain technology and applications of blockchain in builds different cloud servers into a cloud federation for
Trusted Sharing Model (TSM). interoperability and collaboration, and enables privacy
owners to control the anonymization process and enhance
A. CONSORTIUM BLOCKCHAIN TECHNOLOGY service security through a privacy technology. The effect of
The consortium blockchain is only open to specific the privacy control of the data is achieved, but the
organizational groups, and it is a blockchain that requires management of the cloud server in the alliance is lacking.
registration permission [13]. The consortium blockchain is Unlike this approach, our shared model provides control
limited to the participation of consortium members, and the over the management of model members.
read and write permissions on the blockchain and the The current work on the blockchain in the DNS is mainly
participation accounting rights are specified according to focused on decentralizing the centralized authoritative
the consortium rules [14]. The consortium blockchain is domain name servers [21], [22], [23], [24]. However, our
composed of one supernode and several common nodes. In proposed DNSTSM is more concerned with the incremental
addition to the functions of common nodes, the supernode improvement of the existing DNS infrastructure, and the
also has the functions of implementing member credibility of resolution results is improved by the way that
management, authority management, and data monitoring peer-to-peer networks share trusted DNS cache resources.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
The network structure of the solution is shown in Fig.1. TABLE 1. Threat model.
This solution is to maintain a set of validated A Records
between recursive servers in a peer-to-peer network, and to Membership management DNS security
isolate possible threats from trusted networks, ensuring the Cache
Permission out of bounds
tampering
credibility of users' domain name resolution results. Internal
Malicious logout Collusion attack
Fig.2 presents an overview of the function module of the
Free-riding
proposed DNS Cache Resources Trusted Sharing Model
Identity Cache
(DNSTSM), which is categorized into three parts, i.e. data Illegal
forgery poisoning
acquisition module, data storage module, service module. External access to
Evidence
In the data acquisition module section, we designed a set of the network
stealing
cache validation mechanisms. When the response returned
by the local Recursive Server is inconsistent with the
1) Collusion attack refers to the process of multiple
cached information in the cached federation or the domain
retransmission recursive servers jointly pointing the
name is resolved for the first time, the DNS Validator
resolution request to the same wrong IP address under
responds to the Multi-DNS Recursive Servers Lookup.
malicious control so that the forged IP is valid and written
Alert Manager is activated when Cache Validation Manager
into the Blockchain database. 2) Hitchhiking, in this article,
detects inconsistent resolution information to list it as high-
refers to the use of the system to obtain the credible results
risk domain name information. In the data storage module
of its own needs, but as a forwarding party, it does not
section, a peer-to-peer network consisting of different
maintain and upgrade its security.
recursive servers maintains a set of A records stored in
blockchain mode, and a Stochastic Distributed
B. CONSTRUCTION OF DNS CACHE RESOURCES
Decentralized Storage Scheme is designed to improve the TRUSTED SHARING MODEL
read and write efficiency of the system. In the service Member organization structure in DNSTSM network is
module section, the Dynamic Scheduling Mechanism shown in Fig.3. DNSTSM is established between recursive
provides an efficient way to assign forwarding Recursive servers with the same theme of interest. Depending on the
Server to all Recursive Servers. The Time-To-Live Scheme region, entities in the DNSTSM can be divided into several
maintains the real-time and effectiveness of the cached data organizations; depending on the service function, the
in the Blockchain Database. The credit manager is designed entities in the DNSTSM can be divided into the local
for credibility-based incentives to calculate the credibility recursive server and the forwarder recursive server. The
of each node and invoke the Dynamic Scheduling local recursive server is responsible for the functions of the
Mechanism to reward trusted nodes. traditional recursive server, and send the request to the
The threat model of our solution is constructed from the forwarder recursive server under the same model network
perspective of the attacker's possible attack methods. As when the poison alarm is triggered. The forwarder recursive
shown in Table 1, the security threats involved include server provides additional resolution services for the local
threats to member management and threats to DNS security. recursive server.
Under this threat model, our solution is effective. It should This section describes: DNSTSM member role
be specially stated that: assignment, DNSTSM member management.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
CRL list.
Definition 3 Roundtrip time ( RRT ): Round trip time
C. CREDIBILITY-BASED INCENTIVE MECHANISM refers to the time it takes for the remote name server to
In this section, we propose a credibility-based incentive respond to requests. The internal timer is started whenever
mechanism to address the behavior of rational users “free- the local server sends a query request to the remote name
riding” in cache-shared peer-to-peer networks. This server. Stops timing when it receives a response, recording
mechanism fine-grained regulate the traditional one-sided the time it takes for the remote name server to answer.
credibility scheme and uses dynamic programming to 2) DYNAMIC SCHEDULING MECHANISM
allocate node resources, while maximizing system The incentive mentioned in this section are reflected in the
credibility maintenance efficiency, also enable resource- dynamic scheduling mechanism. The dynamic scheduling
providing nodes to maximize rewards after sharing reliable mechanism is composed of a scheduling manager, which is
network resources, in order to encourage rational users in used to allocate a suitable upstream resolution server for the
the network to perform security maintenance and upgrade forwarding mechanism of the local resolution server. Based
of their own domain name servers. Ensure the credibility of on the credibility-based incentive mechanism, the dynamic
the resources in the network, and achieve the characteristics scheduling mechanism uses the credibility of nodes in the
of sharing the trusted resources in the true sense of the cached alliance network as the allocation criterion. The
sharing model. First, describe and measure the definition of selection of the upstream resolution server considers the
credibility, and then introduce the implementation scheme node anomaly state similarity and the comprehensive index
of the incentive mechanism based on node credibility.
of roundtrip time in the network. The higher the node
credibility, the greater the contribution to the total credibility
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
of the network, correspondingly, the higher the allocation behalf of the client. Instead of resolve only onetime,
priority, the mechanism encourages the node to share trusted DNSTSM duplicates the query and forwards them to
network resources for higher contribution. multiple recursive servers according to the Dynamic
Definition 4 Selection rate: The selection rate is a description Scheduling Mechanism. When the forwarder detects that
of the degree to which it can be selected to serve the target the request comes from other members of the consortium, it
node. The calculation formula is as follows: does not trigger the MDRSL. In addition, a domain name
a 1 dcred b 1 d sim +c 1 d rtt often corresponds to multiple IP (i.e., dynamic DNS). For
d selection _ rate (4)
cred sim rrt
hA
a 1 h b 1 h b 1 h how to return the appropriate IP for the user, in MDRSLM,
the IP selection is related to the recursive server to which
The initial value of d sim is 0, and a , b , and c are the user belongs. DNSTSM executes the following actions
constants. The selection coefficient is a comprehensive when a user's wants to resolve a domain name. The
consideration in terms of safety and performance. The higher proposed method does not change the packet length, so the
the similarity degree of the abnormal state, the smaller the packet length is the same as the original DNS packet length.
selection coefficient; the larger the RTT , the smaller the These actions are shown in Fig. 5.
selection coefficient. In the scheduling process, a basic (a) The application's request triggers DNSTSM to perform
threshold is firstly set. If the number of times that the server a regular domain name resolution to obtain IP data R ;
is selected as the upstream parsing server exceeds this (b) If a packet with the same TXID is received later, the
threshold, the server will be added to the frozen list, and the Alert Manager is triggered and R is left blank, and write the
server will not be selected in a dynamic allocation exception status record of this recursive server to the
mechanism cycle. After the cycle, the frozen list will be blacklist;
removed and initialized. The specific selection method is (c) DNSTSM searches the Blockchain Database for
based on the priority of credibility, and three parsing servers domain information and obtains the IP history value H . If
are selected as the upstream party according to the selection R H and R is not empty, it can directly return the packet
coefficient. Since the credibility, the attack state similarity, where R is. Otherwise, proceed to the next step;
and roundtrip time are dynamically updated, the selection (d) DNSTSM converts the first and last letters of the name
factor changes, making the selection dynamic. tuple of the request packet question part to uppercase, as the
identifier forwarded by the consortium member, and
D. DNSTSM DATA ACQUISITION AND STORAGE forwards it to the t recursive servers assigned by the
1) DNSTSM DATA ACQUISITION member manager. And gets the response Li i 1,2 ,..., t ;
This section describes the method of collecting trusted data (e) If R Li , return the packet where R is, and
in DNSTSM and the process of returning trusted data to the supplementary updates to this domain information are made
client. using R and RNS _ ID through the DNS Cache Manager;
(f) Based on R , the application will connect to the
trustworthy IP addresses.
Algorithm 1: SDDSA.
Input: Domain name X , Number of channels C
Output: Storage location N
Begin
H _ 32 ←Build a 32-bit hexadecimal number of X
base on CRC 32 X
H _ 8 ←Convert a 32-bit hexadecimal number to an 8-
bit hexadecimal number base on two fold-and-fold
additions method with overflow
if C 255 then
FIGURE 5. Multi-DNS Recursive Servers Lookup Mechanism.
D ←Convert hexadecimal H _ 8 to decimal
According to the fact that it is difficult for an attacker to N ←Generates the storage location of X based on the
destroy multiple DNS servers using the same error data at operation D mod C
the same time, we propose a Multi-DNS Recursive Servers else
Lookup Mechanism (MDRSLM) to isolate the fake reply Exit Algorithm // organizations exceeded
packets. It consists of Cache Validation Manager, TTL endif
Manger, and Alert Manager. Typically, when a client End
program makes a domain name resolution request, the local
Recursive Server performs only one DNS resolution on
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
TABLE 4. Experimental parameter configuration. As shown in Fig.8, the average latency of DependDNS and
HARD-DNS queries is 128.93ms and 119.81ms, and the
Variables Value Description average latency of the DNSTSM domain name system is
Number of query requests for the 94.562ms. The DNSTSM mechanism gives a lower latency
q 100 same domain name sent by the
than the control group.
attacker in advance 100
Number of false attack packets that
NoF 10000
an attacker can send per second
RT 0.1s DNS query request reply time 90
Forwarding party recursive server
70
10
0
0 20 40 60 80 100
Cache percent (%)
FIGURE 9. The relationship between the proportion of the query in the
cache of the DNSTSM system and the average response time.
100
98 With SDDSA
Normal
96
Response time (ms)
94
FIGURE 7. Effect of different attack intensity on availability of existing
advanced methods and DNSTSM system. 92
90
88
8
6
4
2
0
0 3 6 9 12 15 18 21 24 27 30 33
Num
FIGURE 10. Comparison of average response time between the system
with SDDSA and without SDDSA.
Fig.9 shows that the DNSTSM system can bring
cumulative benefits. As the cached data increases, the cache
hit probability is increased to ensure the efficiency of the
service. We use the system with and without the SDDSA
FIGURE 8. Comparison of average response time between DNSTSM
algorithm as a control group to test the average response time
system and existing advanced methods. when all nodes perform domain name resolution at different
2) EFFICIENCY system sizes (number of nodes). As shown in Fig. 10, the
Compared with general domain name queries, DNSTSM system with the SDDSA algorithm has a lower average delay
requires multiple domain name servers and blockchain than the system without the SDDSA algorithm, and as the
databases at the same time, which adds additional latency. system size (number of nodes) increases, the delay of the
The delay mainly includes the user and data validator delay system with the SDDSA algorithm increases very low. These
Tcv , the data validator and the last response. The propagation characteristics show that the scheme we designed improves
delay between the forwarders is delayed by Tvf and the the system's ability to handle multitasking. Combining the
processing delay between the blockchain database Tb . The above two experiments, we can see that increasing the
data validator delay Tv , the forwarder's resolution delay T f . number of members in the consortium only brings a very
little delay, but the number of members is more conducive to
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
increasing the cache rate, which means that the overall chained block structure with a timestamp, and the subsequent
efficiency of the system has been improved. blocks record the hash of the previous block (prehash).
Therefore, the DNSTSM prototype system only needs to Changes to any block data are changed from the changed
add a small processing delay and network communication block to the last block. Moreover, any new legal block must
delay in the case of providing highly reliable and highly be generated through a consensus mechanism to agree on the
available services. At the same time, when sending requests final selected block. Ensure that data cannot be tampered
to DNSTSM systems at different stages (referring to from a storage perspective;
different levels of caching), the network communication Security of data transmission: Every message transmitted
delay can have an important impact on the average time of through Gossip is signed, so forged messages sent by
the actual domain name query. Different sizes (referring to Byzantine nodes are easily identifiable.
the number of members of the cache consortium) have less 2) COMPLETE MEMBERSHIP TRUST CHAIN
impact on response time, but scale effects can lead to more The certificate represents the abstraction of a member entity
cache rates. Therefore, the DNSTSM system should be in the consortium. In order to solve the problem of member
formed to a certain size in exchange for low latency. certificate authority management, there is a Member Service
System (MSP) in the DNSTSM. MSP is based on the
B. SECURITY ANALYSIS identity authentication framework PKI to achieve
In our scheme, by combining the identity authentication certification and management related to the certificate life
mechanism and consensus mechanism of the consortium cycle. The issuance of a certificate requires the CA to sign
blockchain, and designing the incentive mechanism the validity of the certificate. A higher-level CA can issue the
according to the technical characteristics of DNS resolution legitimacy of the CA, and the root CA realizes the basis of
service, we obtain a resolution service that is more secure trust by pre-distributing certificates.
and trusted than the traditional P2P network sharing model.
3) MOTIVATION FOR CREDIBILITY
In this section, we discuss the security of the program.
The credibility-based incentive mechanism serves as an
As shown in Table 5, we compare our scheme with
important part of ensuring the credibility level of DNSTSM,
existing advanced schemes from the perspective of Defend
stimulating the enthusiasm of members to maintain their own
against cache poisoning attacks and internal attacks. The key
server security performance, and maintaining the virtuous
factors that define internal attacks include: Avoid
circle of DNSTSM domain name resolution.
information disclosure, Identity management, Access control,
Avoid conspiracy. We take whether to resist Kaminsky 4) AVOID NODE FAILURE
attack and whether to address these four critical factors of Avoid single point of failure: In our solution, the consensus
internal attacks as the evaluation criteria in Table 5. The mechanism uses the Kafka message queuing system, and the
comparison results show that our solution has more sorting nodes are clustered by Kafka, which can effectively
advantages in terms of functions and features. avoid the single network failure and cause the entire network
to collapse;
1) COMPLETE DATA TRUST CHAIN
Node crash tolerance: Each node continuously extracts
Reliable data source: In our solution, we obtain reliable
blocks from other nodes in the channel. Since there is no
cached data source in the way of multi-recursive server
need for a fixed connection to maintain Gossip-based data
parsing, and ensure the credibility of the data from the source;
propagation, the process can reliably implement node crash
Security of data storage: The entire system obtains a copy
tolerance for shared ledgers.
of the complete database in the form of a sub-database. Each
copy is a chain of identical blocks, which stores the data in a
Table 5. Comparison of the security indicators of our solutions with dox, CoDNS,ConfiDNS, DepenDNS, and HARD-DNS
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2020.2966428, IEEE Access
Z. Yu et al.: DNS Cache Resources Trusted Sharing Model (DNSTSM) Based on Consortium Blockchain
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/.