TU Darmstadt / ULB / TUbiblio

DNS-Scopy: Towards Security of Internet Naming Infrastructure

Shulman, Haya ; Waidner, Michael
Hrsg.: Pernul, Günther ; Ryan, Michael Y. A. ; Weippl, Edgar (2015)
DNS-Scopy: Towards Security of Internet Naming Infrastructure.
Vienna, Austria
doi: 10.1007/978-3-319-24174-6_1
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

We study the operational characteristics of the server-side of the Internet's naming infrastructure. Our findings discover common architectures whereby name servers are 'hidden' behind server-side caching DNS resolvers. We explore the extent and the scope of the name servers that use server-side caching resolvers, and find such configurations in at least 38% of the domains in a forward DNS tree, and higher percents of the domains in a reverse DNS tree. We characterise the operators of the server-side caching resolvers and provide motivations, explaining their prevalence.

Our experimental evaluation indicates that the caching infrastructures are typically run by third parties, and that the services, provided by the third parties, often do not deploy best practices, resulting in misconfigurations, vulnerabilities and degraded performance of the DNS servers in popular domains.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2015
Herausgeber: Pernul, Günther ; Ryan, Michael Y. A. ; Weippl, Edgar
Autor(en): Shulman, Haya ; Waidner, Michael
Art des Eintrags: Bibliographie
Titel: DNS-Scopy: Towards Security of Internet Naming Infrastructure
Sprache: Deutsch
Publikationsjahr: September 2015
Verlag: Springer-Verlag New York, Inc.
Buchtitel: 20th European Symposium on Research in Computer Security Vienna, Austria, September 21 – 25, 2015 Proceedings
Reihe: Lecture Notes in Computer Science 9326
Band einer Reihe: 1
Veranstaltungsort: Vienna, Austria
DOI: 10.1007/978-3-319-24174-6_1
Kurzbeschreibung (Abstract):

We study the operational characteristics of the server-side of the Internet's naming infrastructure. Our findings discover common architectures whereby name servers are 'hidden' behind server-side caching DNS resolvers. We explore the extent and the scope of the name servers that use server-side caching resolvers, and find such configurations in at least 38% of the domains in a forward DNS tree, and higher percents of the domains in a reverse DNS tree. We characterise the operators of the server-side caching resolvers and provide motivations, explaining their prevalence.

Our experimental evaluation indicates that the caching infrastructures are typically run by third parties, and that the services, provided by the third parties, often do not deploy best practices, resulting in misconfigurations, vulnerabilities and degraded performance of the DNS servers in popular domains.

ID-Nummer: TUD-CS-2015-12099
Fachbereich(e)/-gebiet(e): Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
Hinterlegungsdatum: 17 Aug 2017 16:34
Letzte Änderung: 22 Jan 2019 11:30
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen