| dc.description.abstract | In recent years, network technology has been rapidly evolving, with personal computers and mobile devices becoming ubiquitous. DNS service queries provide the foundation for users to browse various websites and digital information through keyword searches or direct URL inputs. However, the internet world harbors numerous information security concerns, with fraudulent content from scams and phishing websites proliferating. There are various types of network attacks, such as DNS service denial attacks, man-in-the-middle attacks, impersonation, reflection/amplification attacks, botnets, malware, data breaches, etc. Among these, Denial of Service (DoS) attacks are the most common and easier to implement, using massive and intensive request behaviors to overwhelm servers, causing them to fail and cease operations, resulting in numerous impacts. Furthermore, the stability and availability of DNS response data are important indicators in measuring DNS performance.
In light of this, this paper proposes a blockchain-based decentralized Domain Name System (DNS) solution. Through blockchain technology, DNS records are no longer managed and maintained by a single DNS Server, but are stored on smart contracts, ensuring immutability and reducing DNS cache poisoning attacks in traditional environments. Regarding the currently rampant DDoS attacks, this system can better prevent attacks targeting DNS, improving availability and overall system efficiency. It is also designed to allow users to provide their own DNS records. In the context of telecommunications providers, maintaining their DNS is crucial. We implement a reward mechanism to enhance users′ willingness to assist in establishing a secure DNS environment. Additionally, DNS Records have a time- based validity and provide the ability to revoke abnormal IP addresses, further enhancing data security flexibility.
Moreover, to enhance performance, this thesis adopts BBS+ Signature for identity and data verification. This short signature scheme proposed by Boneh, Boyen, and Shacham supports signing multiple messages while generating a single output digital signature. BBS+ signature is more lightweight in both key and signature aspects, reducing on-chain and off-chain resource consumption. | en_US |