Design and implementation of client IP notification feature on DNS for proactive firewall system

Tomokazu Otsuka; Gada; Nariyoshi Yamai; Kiyohiko Okayama; Yong Jin

doi:10.1109/COMPSAC.2015.220

Design and implementation of client IP notification feature on DNS for proactive firewall system

Tomokazu Otsuka, Gada, Nariyoshi Yamai, Kiyohiko Okayama, Yong Jin

Center for Information Technology and Management

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

The attempts of malicious access and attacks from the Internet to the internal computers of organizations never stop today and corresponding countermeasure for each technique is required. Most organizations introduce some firewall facilities as one of the solutions to protect their internal computers as well networks from those attacks. However, in most organizations, the network administrator has to deploy the policies on the firewall system manually based on the layer 3 and 4 information and only identified communication peers can be controlled by the policy-base firewall system. To solve these problems, we focused on the domain name resolution which happens prior to most TCP/IP communications and approach a new mechanism: adaptively investigable firewall system based on DNS query initiator by notifying the DNS query side client IP address to the target DNS server. In this paper, we mainly present the detail of design and implementation of the client IP address notification feature in the caching DNS server by embedding the subnet address as well as subnet mask of the query source client by practically using the DNS expanded standard (EDNS0).

Original language	English
Title of host publication	Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015
Editors	Sheikh Iqbal Ahamed, Carl K. Chang, Ivica Crnkovic, Pao-Ann Hsiung, Jingwei Yang, Gang Huang, William Chu
Publisher	IEEE Computer Society
Pages	127-132
Number of pages	6
ISBN (Electronic)	9781467365635
DOIs	https://doi.org/10.1109/COMPSAC.2015.220
Publication status	Published - Sept 21 2015
Event	39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015 - Taichung, Taiwan, Province of China Duration: Jul 1 2015 → Jul 5 2015

Publication series

Name	Proceedings - International Computer Software and Applications Conference
Volume	3
ISSN (Print)	0730-3157

Other

Other	39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015
Country/Territory	Taiwan, Province of China
City	Taichung
Period	7/1/15 → 7/5/15

Keywords

Client IP Notification
DNS
Firewall
SDN

ASJC Scopus subject areas

Software
Computer Science Applications

Access to Document

10.1109/COMPSAC.2015.220

Cite this

Otsuka, T., Gada, Yamai, N., Okayama, K., & Jin, Y. (2015). Design and implementation of client IP notification feature on DNS for proactive firewall system. In S. I. Ahamed, C. K. Chang, I. Crnkovic, P-A. Hsiung, J. Yang, G. Huang, & W. Chu (Eds.), Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015 (pp. 127-132). [7273340] (Proceedings - International Computer Software and Applications Conference; Vol. 3). IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2015.220

Design and implementation of client IP notification feature on DNS for proactive firewall system. / Otsuka, Tomokazu; Gada; Yamai, Nariyoshi et al.
Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015. ed. / Sheikh Iqbal Ahamed; Carl K. Chang; Ivica Crnkovic; Pao-Ann Hsiung; Jingwei Yang; Gang Huang; William Chu. IEEE Computer Society, 2015. p. 127-132 7273340 (Proceedings - International Computer Software and Applications Conference; Vol. 3).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Otsuka, T, Gada, Yamai, N, Okayama, K & Jin, Y 2015, Design and implementation of client IP notification feature on DNS for proactive firewall system. in SI Ahamed, CK Chang, I Crnkovic, P-A Hsiung, J Yang, G Huang & W Chu (eds), Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015., 7273340, Proceedings - International Computer Software and Applications Conference, vol. 3, IEEE Computer Society, pp. 127-132, 39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015, Taichung, Taiwan, Province of China, 7/1/15. https://doi.org/10.1109/COMPSAC.2015.220

Otsuka T, Gada, Yamai N, Okayama K, Jin Y. Design and implementation of client IP notification feature on DNS for proactive firewall system. In Ahamed SI, Chang CK, Crnkovic I, Hsiung P-A, Yang J, Huang G, Chu W, editors, Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015. IEEE Computer Society. 2015. p. 127-132. 7273340. (Proceedings - International Computer Software and Applications Conference). doi: 10.1109/COMPSAC.2015.220

Otsuka, Tomokazu ; Gada ; Yamai, Nariyoshi et al. / Design and implementation of client IP notification feature on DNS for proactive firewall system. Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015. editor / Sheikh Iqbal Ahamed ; Carl K. Chang ; Ivica Crnkovic ; Pao-Ann Hsiung ; Jingwei Yang ; Gang Huang ; William Chu. IEEE Computer Society, 2015. pp. 127-132 (Proceedings - International Computer Software and Applications Conference).

@inproceedings{e24151b4b59b4cb08f663ca7b1ed2b4a,

title = "Design and implementation of client IP notification feature on DNS for proactive firewall system",

abstract = "The attempts of malicious access and attacks from the Internet to the internal computers of organizations never stop today and corresponding countermeasure for each technique is required. Most organizations introduce some firewall facilities as one of the solutions to protect their internal computers as well networks from those attacks. However, in most organizations, the network administrator has to deploy the policies on the firewall system manually based on the layer 3 and 4 information and only identified communication peers can be controlled by the policy-base firewall system. To solve these problems, we focused on the domain name resolution which happens prior to most TCP/IP communications and approach a new mechanism: adaptively investigable firewall system based on DNS query initiator by notifying the DNS query side client IP address to the target DNS server. In this paper, we mainly present the detail of design and implementation of the client IP address notification feature in the caching DNS server by embedding the subnet address as well as subnet mask of the query source client by practically using the DNS expanded standard (EDNS0).",

keywords = "Client IP Notification, DNS, Firewall, SDN",

author = "Tomokazu Otsuka and Gada and Nariyoshi Yamai and Kiyohiko Okayama and Yong Jin",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015 ; Conference date: 01-07-2015 Through 05-07-2015",

year = "2015",

month = sep,

day = "21",

doi = "10.1109/COMPSAC.2015.220",

language = "English",

series = "Proceedings - International Computer Software and Applications Conference",

publisher = "IEEE Computer Society",

pages = "127--132",

editor = "Ahamed, {Sheikh Iqbal} and Chang, {Carl K.} and Ivica Crnkovic and Pao-Ann Hsiung and Jingwei Yang and Gang Huang and William Chu",

booktitle = "Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015",

address = "United States",

}

TY - GEN

T1 - Design and implementation of client IP notification feature on DNS for proactive firewall system

AU - Otsuka, Tomokazu

AU - Gada,

AU - Yamai, Nariyoshi

AU - Okayama, Kiyohiko

AU - Jin, Yong

PY - 2015/9/21

Y1 - 2015/9/21

N2 - The attempts of malicious access and attacks from the Internet to the internal computers of organizations never stop today and corresponding countermeasure for each technique is required. Most organizations introduce some firewall facilities as one of the solutions to protect their internal computers as well networks from those attacks. However, in most organizations, the network administrator has to deploy the policies on the firewall system manually based on the layer 3 and 4 information and only identified communication peers can be controlled by the policy-base firewall system. To solve these problems, we focused on the domain name resolution which happens prior to most TCP/IP communications and approach a new mechanism: adaptively investigable firewall system based on DNS query initiator by notifying the DNS query side client IP address to the target DNS server. In this paper, we mainly present the detail of design and implementation of the client IP address notification feature in the caching DNS server by embedding the subnet address as well as subnet mask of the query source client by practically using the DNS expanded standard (EDNS0).

AB - The attempts of malicious access and attacks from the Internet to the internal computers of organizations never stop today and corresponding countermeasure for each technique is required. Most organizations introduce some firewall facilities as one of the solutions to protect their internal computers as well networks from those attacks. However, in most organizations, the network administrator has to deploy the policies on the firewall system manually based on the layer 3 and 4 information and only identified communication peers can be controlled by the policy-base firewall system. To solve these problems, we focused on the domain name resolution which happens prior to most TCP/IP communications and approach a new mechanism: adaptively investigable firewall system based on DNS query initiator by notifying the DNS query side client IP address to the target DNS server. In this paper, we mainly present the detail of design and implementation of the client IP address notification feature in the caching DNS server by embedding the subnet address as well as subnet mask of the query source client by practically using the DNS expanded standard (EDNS0).

KW - Client IP Notification

KW - DNS

KW - Firewall

KW - SDN

UR - http://www.scopus.com/inward/record.url?scp=84962091459&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84962091459&partnerID=8YFLogxK

U2 - 10.1109/COMPSAC.2015.220

DO - 10.1109/COMPSAC.2015.220

M3 - Conference contribution

AN - SCOPUS:84962091459

T3 - Proceedings - International Computer Software and Applications Conference

SP - 127

EP - 132

BT - Proceedings - 2015 IEEE 39th Annual Computer Software and Applications Conference Workshops, COMPSACW 2015

A2 - Ahamed, Sheikh Iqbal

A2 - Chang, Carl K.

A2 - Crnkovic, Ivica

A2 - Hsiung, Pao-Ann

A2 - Yang, Jingwei

A2 - Huang, Gang

A2 - Chu, William

PB - IEEE Computer Society

T2 - 39th IEEE Annual Computer Software and Applications Conference Workshops, COMPSACW 2015

Y2 - 1 July 2015 through 5 July 2015

ER -

Design and implementation of client IP notification feature on DNS for proactive firewall system

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this