In the process of resolving domain names to IP addresses, there exist complex dependence relationships between domains and\nname servers. This paper studies the impact of the resolution dependence on the DNS through constructing a domain name\nresolution network based on large-scale actual data. The core nodes of the resolution network are mined from different perspectives\nby means of four methods. Then, both core attacks and random attacks on the network are simulated for further\nvulnerability analysis.The experimental results show that when the top 1% of the core nodes in the network are attacked, 46.19% of\nthe domain names become unresolved, and the load of the residual network increases by nearly 195%, while only 0.01% of domain\nnames fail to be resolved and the load increases with 18% in the same attack scale of the random mode. For these key nodes, we\nneed to take effective security measures to prevent them from being attacked. The simulation experiment also proves that the\nresolution network is a scale-free network, which exhibits robustness against random failure and vulnerability against intentional\nattacks. These findings provide new references for the configuration of the DNS.
Loading....