Analysis on AI methods for Detecting DNS Cache Poisoning Attack
Open Access
Author:
Fang, Binchen
Area of Honors:
Cybersecurity Analytics & Operations
Degree:
Bachelor of Science
Document Type:
Thesis
Thesis Supervisors:
Peng Liu, Thesis Supervisor Michael Keith Hills, Thesis Honors Advisor
Keywords:
DNS Cache Poisoning XAI tools AI
Abstract:
The Domain Name System (DNS) plays an important role in the proper functioning of the internet. It can translate human-readable domain names to machine-readable IP addresses. However, it is vulnerable to several types of cyberattacks, with the domain name system cache poisoning being the most harmful one. Traditional detection methods are often unable to identify the nuanced behaviors of cache poisoning, especially with evolving techniques adopted by malicious actors. By using artificial intelligence, filtering malicious domain name system responses becomes much more possible. This paper will present a comprehensive analysis and interpretation of the Artificial Intelligence-based method that is used to detect domain name system cache poisoning attacks. By using different explainable artificial intelligence(XAI) tools to analyze the AI model and understand how different tools explain the interpretation of the AI model differently.
