Analysis on AI method for Detecting DNS Cache Poisoning Attack
Open Access
Author:
Fang, Binchen
Graduate Program:
Cybersecurity Analytics and Operations (MS)
Degree:
Master of Science
Document Type:
Master Thesis
Date of Defense:
October 27, 2023
Committee Members:
Peng Liu, Thesis Advisor/Co-Advisor Michael Keith Hills, Committee Member Jeffrey Bardzell, Program Head/Chair Hong Hu, Committee Member C Lee Giles, Committee Member
Keywords:
DNS XAI tools DNS Cache Poisoning Analysis AI Cybersecurity
Abstract:
The Domain Name System (DNS) plays an important role in the proper functioning of the internet. It can translate human-readable domain names to machine-readable IP addresses. However, it is vulnerable to several types of cyberattacks, with the domain name system cache poisoning being the most harmful one. Traditional detection methods are often unable to identify the nuanced behaviors of cache poisoning, especially with evolving techniques adopted by malicious actors. By using artificial intelligence, filtering malicious domain name system responses becomes much more possible. This paper will present a comprehensive analysis and interpretation of the Artificial Intelligence-based method that is used to detect domain name system cache poisoning attacks. By using different explainable artificial intelligence(XAI) tools to analyze the AI model and understand how different tools explain the interpretation of the AI model differently.
