网络与信息安全学报 (Oct 2024)
Sketch-based caching method for significant DNS queries
Abstract
With the rapid advancement of networking technology, DNS (domain name system), acting as the first step for most network behaviors, plays a vital role in assuring service quality through its capability and security. However, the current DNS resolvers lack effective mechanisms for cache item protection and eviction. Addressing this lacuna, a method for DNS cache oversight based on the principles of sketch technology was proposed. "Significance" was elegantly integrated as a novel evaluative indicator, and network measurement strategies were adopted into cache management. Consequently, a holistic benchmark that encapsulated both temporal and frequency characteristics for dynamically demarcating items’ significance was culminated. The experimental results, which were based on a substantial amount of real-world network traffic data, demonstrated that the proposed method offered protection for significant domain names, hastening their resolution by an average of 18% relative to conventional DNS paradigms. The usability for end-users was augmented by this strategy, as was the maintainability for Internet Service Providers (ISPs), while the scope for ongoing research in the realm of DNS cache management was simultaneously expanded.
