DNS System Security: Implementing DNSSEC to Protect Against DNS Spoofing and Cache Poisoning Attacks

TJANDRA, MARGARETH and GOTAMA, VINCENT PUTRA and BERTRAM, FIRSTIAN and Handojo, Andreas (2025) DNS System Security: Implementing DNSSEC to Protect Against DNS Spoofing and Cache Poisoning Attacks. DS Journal of Cyber Security, 2 (4). pp. 38-62. ISSN 2584-0665

PDF Download (5Mb)

Abstract

The Domain Name System (DNS) is one of the primary means through which users can communicate with one another over the IT network as it allows users to be able to convert domain names into IP addresses, however seemingly what comes along with technological advancement. This was compounded by the fact that the original system did not have robust security features. To address these challenges, this work presents the implementation of DNS Security Extensions (DNSSEC). To achieve this, the need to protect users from malicious DNS statements is paramount, which is why DNSSEC uses digital signatures to protect users. In order to do this, this paper analyzes the effectiveness of DNSSEC in circumventing DNS-based attacks and the challenges of implementation in different institutions. The findings indicate that DNSSEC enhances the security of sites by curtailing the abuse potential. However, additional architectures and alterations in the systems will be needed. Ultimately, this analysis emphasizes the potential of DNSSEC on the security of the internet and its development patterns, as well as its implications on global cyber space stability.

Actions (login required)