Overcoming Threats and Vulnerabilities in DNS

With the advancement of Internet based technology we face intense need of well-defined security mechanisms to be implemented at each phase. Domain Name System (DNS) is among the most important element of the Internet. DNS resolves the domain names and provides it to the user. It lacks support for a proper security mechanism that may lead to exploitation of the vulnerabilities like data on DNS server can be access or manipulated by anyone, this leads to threats like DNS Hijacking, cache poisoning, etc. This paper gives an overview about the threats found in modern DNS system and how to resolve it. Domain Name System Security Extension (DNSSEC) is one of the main security features present in the DNS system to maintain a secure and efficient communication between users. The main aim of DNSSEC is to authenticate the user and grant access to legitimate users only. DNSSEC is used to avoid almost all the vulnerabilities that are found in the existing DNS system. Beside DNSSEC there are other methods like encryption, VPN, verification, etc. which are discussed in this paper, they are used to resolve different threats in the existing DNS system.