dnstracker: Measuring Centralization of DNS Infrastructure in the Wild

Luciano Zembruzki, Arthur Selle Jacobs, Gustavo Spier Landtreter, Lisandro Zambenedetti Granville, Giovane C.M. Moura

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

Abstract

The Internet Domain Naming System (DNS) is one of the pillars for the Internet and has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years. As a countermeasure, the DNS infrastructure has been engineered with a series of replication measures, such as relying on multiple authoritative name servers and using IP anycast. Even though these measures have been in place, we have seen that, when servers rely on third-party DNS providers for reliable services, there may be certain levels of infrastructure centralization. In this case, an attack against a DNS target might affect other authoritative DNS servers sharing part of the infrastructure with the intended victim. However, measuring such levels of infrastructure sharing is a daunting task, given that researchers typically do not have access to DNS provider internals. In this paper, we introduce a methodology and associated tool dnstracker that allows measuring, to various degrees, the level of both concentration and shared infrastructure using active DNS measurements. As a case study, we analyze the authoritative name servers of all domains of the Alexa Top 1 Million most visited websites. Our results show that, in some cases, up to 12.000 authoritative name servers share the same underlying infrastructure of a third-party DNS provider. As such, in the event of an attack, those authoritative DNS servers have increased the probability of suffering from collateral damage.

Original languageEnglish
Title of host publicationAdvanced Information Networking and Applications
Subtitle of host publicationProceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020
EditorsLeonard Barolli, Flora Amato, Francesco Moscato, Tomoya Enokido, Makoto Takizawa
Place of PublicationCham
PublisherSpringer
Pages871-882
Number of pages12
ISBN (Electronic)978-3-030-44041-1
ISBN (Print)978-3-030-44040-4
DOIs
Publication statusPublished - 2020
Event34th International Conference on Advanced Information Networking and Applications - Caserta, Italy
Duration: 15 Apr 202017 Apr 2020
Conference number: 34
http://voyager.ce.fit.ac.jp/conf/aina/2020/

Publication series

NameAdvances in Intelligent Systems and Computing
Volume1151
ISSN (Print)2194-5357
ISSN (Electronic)2194-5365

Conference

Conference34th International Conference on Advanced Information Networking and Applications
Abbreviated titleAINA-2020
CountryItaly
CityCaserta
Period15/04/2017/04/20
OtherCancelled event due to COVID-19. Papers are only published
Internet address

Keywords

  • Centralization
  • Domain Name System
  • Measurements

Fingerprint Dive into the research topics of 'dnstracker: Measuring Centralization of DNS Infrastructure in the Wild'. Together they form a unique fingerprint.

Cite this