TU Darmstadt / ULB / TUbiblio

DNS-Scopy: Towards Security of Internet Naming Infrastructure

Shulman, Haya and Waidner, Michael
Pernul, Günther and Ryan, Michael Y. A. and Weippl, Edgar (eds.) (2015):
DNS-Scopy: Towards Security of Internet Naming Infrastructure.
In: 20th European Symposium on Research in Computer Security Vienna, Austria, September 21 – 25, 2015 Proceedings, Springer-Verlag New York, Inc., Vienna, Austria, In: Lecture Notes in Computer Science 9326, ISBN 978-3-319-24173-9,
DOI: 10.1007/978-3-319-24174-6_1, [Conference or Workshop Item]

Abstract

We study the operational characteristics of the server-side of the Internet's naming infrastructure. Our findings discover common architectures whereby name servers are 'hidden' behind server-side caching DNS resolvers. We explore the extent and the scope of the name servers that use server-side caching resolvers, and find such configurations in at least 38% of the domains in a forward DNS tree, and higher percents of the domains in a reverse DNS tree. We characterise the operators of the server-side caching resolvers and provide motivations, explaining their prevalence.

Our experimental evaluation indicates that the caching infrastructures are typically run by third parties, and that the services, provided by the third parties, often do not deploy best practices, resulting in misconfigurations, vulnerabilities and degraded performance of the DNS servers in popular domains.

Item Type: Conference or Workshop Item
Erschienen: 2015
Editors: Pernul, Günther and Ryan, Michael Y. A. and Weippl, Edgar
Creators: Shulman, Haya and Waidner, Michael
Title: DNS-Scopy: Towards Security of Internet Naming Infrastructure
Language: German
Abstract:

We study the operational characteristics of the server-side of the Internet's naming infrastructure. Our findings discover common architectures whereby name servers are 'hidden' behind server-side caching DNS resolvers. We explore the extent and the scope of the name servers that use server-side caching resolvers, and find such configurations in at least 38% of the domains in a forward DNS tree, and higher percents of the domains in a reverse DNS tree. We characterise the operators of the server-side caching resolvers and provide motivations, explaining their prevalence.

Our experimental evaluation indicates that the caching infrastructures are typically run by third parties, and that the services, provided by the third parties, often do not deploy best practices, resulting in misconfigurations, vulnerabilities and degraded performance of the DNS servers in popular domains.

Title of Book: 20th European Symposium on Research in Computer Security Vienna, Austria, September 21 – 25, 2015 Proceedings
Series Name: Lecture Notes in Computer Science 9326
Volume: 1
Publisher: Springer-Verlag New York, Inc.
ISBN: 978-3-319-24173-9
Divisions: Profile Areas
Profile Areas > Cybersecurity (CYSEC)
Event Location: Vienna, Austria
Date Deposited: 17 Aug 2017 16:34
DOI: 10.1007/978-3-319-24174-6_1
Identification Number: TUD-CS-2015-12099
Export:

Optionen (nur für Redakteure)

View Item View Item