[1] |
BELLOVIN S M , . Using the domain name system for system break-ins[C]// Usenix Unix Security Symposium. 1996.
|
[2] |
SCHUBA C L , SPAFFORD E H . Addressing weaknesses in the domain name system protocol[D]. Indiana:Purdue University, 1994.
|
[3] |
VIXIE P , . DNS and BIND security issues[C]// Usenix Unix Security Symposium. 1995: 263-279.
|
[4] |
EASTLAKE D . RFC 2065:domain name system security extensions[S]. RFC IETF, 1997.
|
[5] |
EASTLAKE D . RFC 2535:domain name system security extensions[S]. RFC IETF, 1999.
|
[6] |
AUSTEIN R . RFC 3833:threat analysis of the domain name system[S]. RFC IETF, 2004.
|
[7] |
US-CERT.Multiple DNS implementations vulnerable to cache poisoning[EB/OL]. .
|
[8] |
LAURIE B , SISSON G , ARENDS R ,et al. RFC5155:DNS security(DNSSEC)hashed authenticated denial of existence[S]. RFC IETF, 2008.
|
[9] |
AUSTEIN R , LARSON M . RFC 4033:DNS security introduction and requirements[S]. RFC IETF, 2005.
|
[10] |
ARENDS R , AUSTEIN R , LARSON M ,et al. RFC4034:resource records for the DNS security extensions[S]. RFC IETF, 2005.
|
[11] |
ARENDS R , AUSTEIN R , LARSON M ,et al. RFC4035:protocol modifications for the DNS security extensions[S]. RFC IETF, 2005.
|
[12] |
YANG H , OSTERWEIL E , MASSEY D ,et al. Deploying cryptography in internet-scale systems:a case study on DNSSEC[J]. IEEE Transactions on Dependable & Secure Computing, 2010,8(5): 656-669.
|
[13] |
KOLKMAN O , GIEBEN R . RFC4641:DNSSEC operational practices[S]. RFC IETF, 2006.
|
[14] |
STJOHNS M . RFC5011:automated updates of dns security(DNSSEC)trust anchors[S]. RFC IETF, 2007.
|
[15] |
LAURIE B , SISSON G , ARENDS R ,et al. RFC5155:DNS security(DNSSEC)hashed authenticated denial of existence[S]. RFC IETF, 2003.
|
[16] |
GIEBEN R , MEKKING W . RFC7129:authenticated denial of existence in the DNS[S]. RFC IETF, 2014.
|