A RAID-Inspired Framework for Robust DNS Security: Mitigating DDoS Attacks Through Distributed Data Encoding and Redundancy


Abstract

The DNS system plays an important role in accessing and managing domain names. Despite its importance, DNS is vulnerable to numerous network-based attacks, such as Distributed Denial-of-Service (DDoS) attacks. Unfortunately, no comprehensive solution has been discovered to combat such attacks. In this paper, we propose an approach to enhance DNS security by adopting RAID technology and data coding. This approach relies on multiple independent DNS servers holding distinct coded DNS records instead of relying on a single DNS server. Our proposed solution shows efficient results in overcoming data loss and disruption of DNS server operation. The solution rests on the fact that if one server is attacked or damaged, the other servers will continue working to resolve IP addresses without disruption. The results obtained indicate that the time taken to process multiple DNS requests may slightly increase compared to single DNS operation. However, the time required for DNS recovery from a DDoS attack is significantly longer when only a single server is being used, and may take hours or even days.
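The abstract does not specify the coding scheme, so the following is an added illustration, not the authors' code: it assumes a RAID-5-style layout in which a record is striped across servers with one XOR parity shard, and shows that resolution still succeeds when any single server is unreachable. The record text, function names and server count are constructed for the example.

```python
# Added illustration (assumed scheme): RAID-5-style XOR parity over one DNS record.
from functools import reduce

# Constructed sample record (documentation address range).
RECORD = b"www.example.com. 300 IN A 192.0.2.10"

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encode(record: bytes, n_servers: int) -> list:
    """Return one shard per server: n_servers-1 data shards plus one parity shard."""
    if n_servers < 2:
        raise ValueError("need at least two servers")
    k = n_servers - 1
    # A 2-byte length prefix lets the decoder strip the zero padding afterwards.
    framed = len(record).to_bytes(2, "big") + record
    shard_len = -(-len(framed) // k)  # ceiling division
    framed = framed.ljust(shard_len * k, b"\0")
    shards = [framed[i * shard_len:(i + 1) * shard_len] for i in range(k)]
    return shards + [reduce(xor_bytes, shards)]

def decode(shards: list) -> bytes:
    """Rebuild the record; a shard is None when its server did not answer."""
    missing = [i for i, s in enumerate(shards) if s is None]
    if len(missing) > 1:
        raise ValueError("single parity tolerates only one unreachable server")
    shards = list(shards)
    if missing:
        # XOR of all surviving shards equals the lost one (data or parity).
        present = [s for s in shards if s is not None]
        shards[missing[0]] = reduce(xor_bytes, present)
    data = b"".join(shards[:-1])  # last shard is parity, not payload
    length = int.from_bytes(data[:2], "big")
    return data[2:2 + length]

if __name__ == "__main__":
    stored = encode(RECORD, n_servers=4)
    for down in range(4):
        degraded = [None if i == down else s for i, s in enumerate(stored)]
        print(f"server {down} down ->", decode(degraded).decode())
```

Single parity covers one failed server only; tolerating more simultaneous outages would need a stronger erasure code, which is outside what this sketch shows.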
