Design and implementation of client IP notification feature on DNS for proactive firewall system

Tomokazu Otsuka, Gada, Nariyoshi Yamai, Kiyohiko Okayama, Yong Jin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Attempts at malicious access and attacks from the Internet against the internal computers of organizations never stop, and a corresponding countermeasure is required for each attack technique. Most organizations introduce firewall facilities as one of the solutions to protect their internal computers as well as their networks from those attacks. However, in most organizations the network administrator has to deploy policies on the firewall system manually, based on layer 3 and layer 4 information, and only identified communication peers can be controlled by such a policy-based firewall system. To solve these problems, we focus on domain name resolution, which happens prior to most TCP/IP communications, and propose a new mechanism: an adaptively investigable firewall system based on the DNS query initiator, realized by notifying the target DNS server of the IP address of the client that issued the DNS query. In this paper, we mainly present the details of the design and implementation of the client IP address notification feature in the caching DNS server, which embeds the subnet address and subnet mask of the query source client by using the DNS extension mechanism (EDNS0).

Original language: English
Title of host publication: Proceedings - International Computer Software and Applications Conference
Publisher: IEEE Computer Society
Pages: 127-132
Number of pages: 6
Volume: 3
ISBN (Print): 9781467365635
DOIs: 10.1109/COMPSAC.2015.220
Publication status: Published - Sep 21 2015
Event: 39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015 - Taichung, Taiwan, Province of China
Duration: Jul 1 2015 - Jul 5 2015

Other

Other: 39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015
Country: Taiwan, Province of China
City: Taichung
Period: 7/1/15 - 7/5/15

Keywords

  • Client IP Notification
  • DNS
  • Firewall
  • SDN

ASJC Scopus subject areas

  • Computer Science Applications
  • Software

Cite this

Otsuka, T., Gada, Yamai, N., Okayama, K., & Jin, Y. (2015). Design and implementation of client IP notification feature on DNS for proactive firewall system. In Proceedings - International Computer Software and Applications Conference (Vol. 3, pp. 127-132). [7273340] IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2015.220

@inproceedings{e24151b4b59b4cb08f663ca7b1ed2b4a,
title = "Design and implementation of client IP notification feature on DNS for proactive firewall system",
keywords = "Client IP Notification, DNS, Firewall, SDN",
author = "Tomokazu Otsuka and Gada and Nariyoshi Yamai and Kiyohiko Okayama and Yong Jin",
year = "2015",
month = "9",
day = "21",
doi = "10.1109/COMPSAC.2015.220",
language = "English",
isbn = "9781467365635",
volume = "3",
pages = "127--132",
booktitle = "Proceedings - International Computer Software and Applications Conference",
publisher = "IEEE Computer Society",
address = "United States",

}
