Cache Poisoning Detection Method for Improving Security of Recursive DNS

In this paper, we propose a new detection method for cache poisoning attack on the recursive DNS. The proposed method overcomes the weak-points of the previous researches such as DNSSEC and DoX system which are hierarchical or vertical additional deployments of several DNS servers, accordingly overall performance of the system is decreased and additional traffic cost is needed. That is to say, the proposed method sets forth independent cache poisoning detection method with the similar security level of DNSSEC, notwithstanding the improvement, there is little influence on DNS performance and additional traffic.