dnstracker: Measuring Centralization of DNS Infrastructure in the Wild

Luciano Zembruzki; Arthur Selle Jacobs; Gustavo Spier Landtreter; Lisandro Zambenedetti Granville; Giovane C.M. Moura

doi:10.1007/978-3-030-44041-1_76

dnstracker: Measuring Centralization of DNS Infrastructure in the Wild

Luciano Zembruzki^*, Arthur Selle Jacobs, Gustavo Spier Landtreter, Lisandro Zambenedetti Granville, Giovane C.M. Moura

^*Corresponding author for this work

Cyber Security

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

6 Citations (Scopus)

Abstract

The Internet Domain Naming System (DNS) is one of the pillars for the Internet and has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years. As a countermeasure, the DNS infrastructure has been engineered with a series of replication measures, such as relying on multiple authoritative name servers and using IP anycast. Even though these measures have been in place, we have seen that, when servers rely on third-party DNS providers for reliable services, there may be certain levels of infrastructure centralization. In this case, an attack against a DNS target might affect other authoritative DNS servers sharing part of the infrastructure with the intended victim. However, measuring such levels of infrastructure sharing is a daunting task, given that researchers typically do not have access to DNS provider internals. In this paper, we introduce a methodology and associated tool dnstracker that allows measuring, to various degrees, the level of both concentration and shared infrastructure using active DNS measurements. As a case study, we analyze the authoritative name servers of all domains of the Alexa Top 1 Million most visited websites. Our results show that, in some cases, up to 12.000 authoritative name servers share the same underlying infrastructure of a third-party DNS provider. As such, in the event of an attack, those authoritative DNS servers have increased the probability of suffering from collateral damage.

Original language	English
Title of host publication	Advanced Information Networking and Applications
Subtitle of host publication	Proceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020
Editors	Leonard Barolli, Flora Amato, Francesco Moscato, Tomoya Enokido, Makoto Takizawa
Place of Publication	Cham
Publisher	Springer
Pages	871-882
Number of pages	12
ISBN (Electronic)	978-3-030-44041-1
ISBN (Print)	978-3-030-44040-4
DOIs	https://doi.org/10.1007/978-3-030-44041-1_76
Publication status	Published - 2020
Event	34th International Conference on Advanced Information Networking and Applications - Caserta, Italy Duration: 15 Apr 2020 → 17 Apr 2020 Conference number: 34 http://voyager.ce.fit.ac.jp/conf/aina/2020/

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	1151
ISSN (Print)	2194-5357
ISSN (Electronic)	2194-5365

Conference

Conference	34th International Conference on Advanced Information Networking and Applications
Abbreviated title	AINA-2020
Country/Territory	Italy
City	Caserta
Period	15/04/20 → 17/04/20
Other	Cancelled event due to COVID-19. Papers are only published
Internet address	http://voyager.ce.fit.ac.jp/conf/aina/2020/

Bibliographical note

Cancelled event due to COVID-19. Papers are only published

Keywords

Centralization
Domain Name System
Measurements

Access to Document

10.1007/978-3-030-44041-1_76

Cite this

Zembruzki, L., Jacobs, A. S., Landtreter, G. S., Granville, L. Z., & Moura, G. C. M. (2020). dnstracker: Measuring Centralization of DNS Infrastructure in the Wild. In L. Barolli, F. Amato, F. Moscato, T. Enokido, & M. Takizawa (Eds.), Advanced Information Networking and Applications : Proceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020 (pp. 871-882). (Advances in Intelligent Systems and Computing; Vol. 1151 ). Springer. https://doi.org/10.1007/978-3-030-44041-1_76

Zembruzki, Luciano ; Jacobs, Arthur Selle ; Landtreter, Gustavo Spier et al. / dnstracker : Measuring Centralization of DNS Infrastructure in the Wild. Advanced Information Networking and Applications : Proceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020. editor / Leonard Barolli ; Flora Amato ; Francesco Moscato ; Tomoya Enokido ; Makoto Takizawa. Cham : Springer, 2020. pp. 871-882 (Advances in Intelligent Systems and Computing).

@inproceedings{67905ec9307247998845ddbdd74a2f29,

title = "dnstracker: Measuring Centralization of DNS Infrastructure in the Wild",

abstract = "The Internet Domain Naming System (DNS) is one of the pillars for the Internet and has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years. As a countermeasure, the DNS infrastructure has been engineered with a series of replication measures, such as relying on multiple authoritative name servers and using IP anycast. Even though these measures have been in place, we have seen that, when servers rely on third-party DNS providers for reliable services, there may be certain levels of infrastructure centralization. In this case, an attack against a DNS target might affect other authoritative DNS servers sharing part of the infrastructure with the intended victim. However, measuring such levels of infrastructure sharing is a daunting task, given that researchers typically do not have access to DNS provider internals. In this paper, we introduce a methodology and associated tool dnstracker that allows measuring, to various degrees, the level of both concentration and shared infrastructure using active DNS measurements. As a case study, we analyze the authoritative name servers of all domains of the Alexa Top 1 Million most visited websites. Our results show that, in some cases, up to 12.000 authoritative name servers share the same underlying infrastructure of a third-party DNS provider. As such, in the event of an attack, those authoritative DNS servers have increased the probability of suffering from collateral damage.",

keywords = "Centralization, Domain Name System, Measurements",

author = "Luciano Zembruzki and Jacobs, {Arthur Selle} and Landtreter, {Gustavo Spier} and Granville, {Lisandro Zambenedetti} and Moura, {Giovane C.M.}",

note = "Cancelled event due to COVID-19. Papers are only published ; 34th International Conference on Advanced Information Networking and Applications, AINA-2020 ; Conference date: 15-04-2020 Through 17-04-2020",

year = "2020",

doi = "10.1007/978-3-030-44041-1_76",

language = "English",

isbn = "978-3-030-44040-4",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer",

pages = "871--882",

editor = "Leonard Barolli and Flora Amato and Francesco Moscato and Tomoya Enokido and Makoto Takizawa",

booktitle = "Advanced Information Networking and Applications",

url = "http://voyager.ce.fit.ac.jp/conf/aina/2020/",

}

Zembruzki, L, Jacobs, AS, Landtreter, GS, Granville, LZ & Moura, GCM 2020, dnstracker: Measuring Centralization of DNS Infrastructure in the Wild. in L Barolli, F Amato, F Moscato, T Enokido & M Takizawa (eds), Advanced Information Networking and Applications : Proceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020. Advances in Intelligent Systems and Computing, vol. 1151 , Springer, Cham, pp. 871-882, 34th International Conference on Advanced Information Networking and Applications, Caserta, Italy, 15/04/20. https://doi.org/10.1007/978-3-030-44041-1_76

dnstracker: Measuring Centralization of DNS Infrastructure in the Wild. / Zembruzki, Luciano; Jacobs, Arthur Selle; Landtreter, Gustavo Spier et al.
Advanced Information Networking and Applications : Proceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020. ed. / Leonard Barolli; Flora Amato; Francesco Moscato; Tomoya Enokido; Makoto Takizawa. Cham: Springer, 2020. p. 871-882 (Advances in Intelligent Systems and Computing; Vol. 1151 ).

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - dnstracker

T2 - 34th International Conference on Advanced Information Networking and Applications

AU - Zembruzki, Luciano

AU - Jacobs, Arthur Selle

AU - Landtreter, Gustavo Spier

AU - Granville, Lisandro Zambenedetti

AU - Moura, Giovane C.M.

N1 - Conference code: 34

PY - 2020

Y1 - 2020

N2 - The Internet Domain Naming System (DNS) is one of the pillars for the Internet and has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years. As a countermeasure, the DNS infrastructure has been engineered with a series of replication measures, such as relying on multiple authoritative name servers and using IP anycast. Even though these measures have been in place, we have seen that, when servers rely on third-party DNS providers for reliable services, there may be certain levels of infrastructure centralization. In this case, an attack against a DNS target might affect other authoritative DNS servers sharing part of the infrastructure with the intended victim. However, measuring such levels of infrastructure sharing is a daunting task, given that researchers typically do not have access to DNS provider internals. In this paper, we introduce a methodology and associated tool dnstracker that allows measuring, to various degrees, the level of both concentration and shared infrastructure using active DNS measurements. As a case study, we analyze the authoritative name servers of all domains of the Alexa Top 1 Million most visited websites. Our results show that, in some cases, up to 12.000 authoritative name servers share the same underlying infrastructure of a third-party DNS provider. As such, in the event of an attack, those authoritative DNS servers have increased the probability of suffering from collateral damage.

AB - The Internet Domain Naming System (DNS) is one of the pillars for the Internet and has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years. As a countermeasure, the DNS infrastructure has been engineered with a series of replication measures, such as relying on multiple authoritative name servers and using IP anycast. Even though these measures have been in place, we have seen that, when servers rely on third-party DNS providers for reliable services, there may be certain levels of infrastructure centralization. In this case, an attack against a DNS target might affect other authoritative DNS servers sharing part of the infrastructure with the intended victim. However, measuring such levels of infrastructure sharing is a daunting task, given that researchers typically do not have access to DNS provider internals. In this paper, we introduce a methodology and associated tool dnstracker that allows measuring, to various degrees, the level of both concentration and shared infrastructure using active DNS measurements. As a case study, we analyze the authoritative name servers of all domains of the Alexa Top 1 Million most visited websites. Our results show that, in some cases, up to 12.000 authoritative name servers share the same underlying infrastructure of a third-party DNS provider. As such, in the event of an attack, those authoritative DNS servers have increased the probability of suffering from collateral damage.

KW - Centralization

KW - Domain Name System

KW - Measurements

UR - http://www.scopus.com/inward/record.url?scp=85083702795&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-44041-1_76

DO - 10.1007/978-3-030-44041-1_76

M3 - Conference contribution

AN - SCOPUS:85083702795

SN - 978-3-030-44040-4

T3 - Advances in Intelligent Systems and Computing

SP - 871

EP - 882

BT - Advanced Information Networking and Applications

A2 - Barolli, Leonard

A2 - Amato, Flora

A2 - Moscato, Francesco

A2 - Enokido, Tomoya

A2 - Takizawa, Makoto

PB - Springer

CY - Cham

Y2 - 15 April 2020 through 17 April 2020

ER -

Zembruzki L, Jacobs AS, Landtreter GS, Granville LZ, Moura GCM. dnstracker: Measuring Centralization of DNS Infrastructure in the Wild. In Barolli L, Amato F, Moscato F, Enokido T, Takizawa M, editors, Advanced Information Networking and Applications : Proceedings of the 34th International Conference on Advanced Information Networking and Applications, AINA 2020. Cham: Springer. 2020. p. 871-882. (Advances in Intelligent Systems and Computing). doi: 10.1007/978-3-030-44041-1_76

dnstracker: Measuring Centralization of DNS Infrastructure in the Wild

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this