
Design and Implementation of Blockchain Network Based on Domain Name System

  • Heo, Jae-Wook (Dept. of Computer Science and Engineering, Soongsil University) ;
  • Kim, Jeong-Ho (Dept. of Computer Science and Engineering, Soongsil University) ;
  • Jun, Moon-Seog (Dept. of Computer Science and Engineering, Soongsil University)
  • Received: 2019.02.27
  • Reviewed: 2019.05.03
  • Published: 2019.05.31

Abstract

As the number of hosts connected to the Internet grew sharply, the Domain Name System (DNS) was introduced in 1984. DNS lets users reach web sites with convenient text-based addresses instead of memorizing complex numeric IP addresses, and it has become a core element for every user of the Internet. Despite this importance, DNS still has many problems: the authorization allocation issue, disputes over public registration, security vulnerabilities such as DNS cache poisoning, DNS spoofing, man-in-the-middle attacks and DNS amplification attacks, and the need for more domain names in the age of hyper-connected networks. To address these problems of the existing DNS, this paper proposes a method of implementing DNS with blockchain, a distributed ledger technology, and implements it on an Ethereum-based platform. In addition, we carried out a qualitative comparative performance evaluation against existing domain name registration and domain name servers, and a security evaluation of whether the proposed system can improve on the security problems of the existing DNS. In conclusion, we showed that DNS services can be provided more securely and more efficiently using blockchain.

Fig. 1. Layered DNS Tree Structure

Fig. 2. Example of Domain Name Create Structure

Fig. 3. Domain Name Query Process

Fig. 4. Blockchain Structure

Fig. 5. Proposed DNS Registration and Unregistration Transaction Structure

Fig. 6. Proposed Blockchain Transaction Structure for Change IP

Fig. 7. Proposed Blockchain Network Based DNS Query Model

Fig. 8. Genesis Block Structure for Blockchain System

Fig. 9. Create Blockchain Address

Fig. 10. Mist Browser User for Blockchain

Fig. 11. Smart Contract Source Code for Blockchain DNS

Fig. 12. Creating Transaction Using Smart Contract

Fig. 13. Execute Contract for Domain Name Registration

Fig. 14. Unique Domain Name Using Blockchain Network

Table 1. Proposed System Node Specification

Table 2. Proposed System Efficiency Verification for Domain Name Registration

Table 3. Proposed System Efficiency Verification for Domain Name Server
