The Domain Name System (DNS) is a key part of the modern inter-net but is also a route that malicious actors can use as cyber security attack. This paper reviews security and privacy additions to DNS, specifically Protective DNS (PDNS). We present a case study of the UK’s National Cyber Security Centre’s PDNS and its implementation in one regional public sector organisation in the north of England. We show how PDNS compliments DNS features to improve the security and privacy for eligible organisations. We also review how DNS queries have been blocked due to security risks. This block data can be integrated to a security information and event management system for further analysis and automation. The main contribution of this case study is that the NCSC’s PDNS Service is useful as part of a defense in depth strategy by allowing greater visibility of DNS queries and blocking of malicious content at the point of name resolution. This paper also recommends some techniques to improve the service which require further evaluation.
The University of Gloucestershire accepts no liability for any infringement of intellectual property rights in any material deposited but will remove such material from public view pending investigation in the event of an allegation of any such infringement.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.