Hybrid Detection and Mitigation of DNS Protocol MITM attack based on Firefly algorithm with Elliptical Curve Cryptography

Abstract

A Domain Name Server is a critical Internet component. It enables users to surf the web and send emails. DNS is a database used by millions ofcomputers to determine which address best answers a user’s query. DNS is an unencrypted protocol that may be exploited in numerous ways. The mostpopular DNS MITM attack uses DNS poisoning to intercept communications and fake them. DNS servers do not verify the IP addresses they forwardtraffic to. In DNS attacks, the attacker either targets the domain name servers or attempts to exploit system weaknesses. The Proposed FFOBLA-ECC model detects the DNS Spoofed nodes in a wireless network using the optimized firefly boosted LSTM with the help of TTL and RTR parametersreceived from the simulation environment and provides authentication between the nodes in order to mitigate it using the Elliptical curve cryptography. The proposed model results are different from the other methods and yield highly accurate results beyond 98% compared with the existing RF, ARF, and KNN methods.