Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2017, Article ID 9479476, 15 pages
https://doi.org/10.1155/2017/9479476
Research Article

Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

1Cluster and Grid Computing Lab, Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
2University of Basrah, Basrah, Iraq
3Southern Technical University, Basrah, Iraq

Correspondence should be addressed to Hai Jin; nc.ude.tsuh@nijh

Received 6 August 2016; Revised 31 October 2016; Accepted 15 November 2016; Published 3 April 2017

Academic Editor: Pascal Lorenz

Copyright © 2017 Mohammed Abdulridha Hussain et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations.