WaterPurifier: A scalable system to prevent the DNS water torture attack in 5G-enabled SIoT network

Abstract

Social Internet of Things (SIoT) network contains a huge number of smart devices and is rich in social behavior relationships between these objects, especially in 5G-abled SIoT network. However, vulnerable devices and assailable applications or services in SIoT give attackers the opportunity to conduct DNS water torture (DNSWT) attacks for domain name system (DNS) infrastructures, which can cause the device to be unavailable, and moreover, previous approaches designed for normal Internet environment cannot reach the high level of demand on scalability and flexibility in SIoT network. In this work, we comprehensively analyze the characteristics of DNSWT attacks in 5G-enabled SIoT network and propose a collaborative and hierarchical defensive system called WaterPurifier to protect the SIoT network from DNSWT attacks. WaterPurifier consists of Gateway Layer, Server Layer and Cloud Layer. An asynchronously communication mechanism is implemented in the defensive system to ensure its flexibility. The components in Gateway Layer and Server Layer execute lightweight functions, like flow forwarding and attack monitoring, to guarantee a high level of scalability. Cloud Layer deploys an end-to-end domain encoding and a real-time training process, which can filter out DNSWT attack traffic effectively and efficiently. We implement a prototype of WaterPurifier in an in-lab environment and do an evaluation on the experiment result with performance indicators like packet loss rate. Both results and evaluations show high effectiveness and efficacy of the proposed system.