DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic
|
|
- Junior Thompson
- 8 years ago
- Views:
Transcription
1 DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic Yizheng Chen, Manos Antonakakis, Roberto Perdisci, Yacin Nadji, David Dagon, and Wenke Lee
2 Domain Name System Machine-level Address Human-readable Name 2
3 DNS for agility, scalability, etc. CDN server selection Really close? [Mao et al. USENIX ATEC 2002] Browser prefetching auto-completed domains Privacy? [Krishnan et al. LEET 2010] NXDOMAIN remapping Controversial? [Weaver et al. USENIX FOCI 2011] 3
4 McAfee e.11dfrin96mcqal3p534njpwplq.avqs.mcafee.com e.12kiq7cqq9lz7zbc4jza4n7nji.avqs.mcafee.com e.1bz5cjj8nbhqhpia1v8svi12g6.avqs.mcafee.com e.1pfrfc3jc9diw1lnd2jrha2ilq.avqs.mcafee.com e.1vcqruwkjhgp4qdhku6rpdqdsb.avqs.mcafee.com e.25tbw5dedhc2ap8ct1bi8jpp6i.avqs.mcafee.com e.2sprf11evqccpami3epfvj1r35.avqs.mcafee.com e.2tj85ckvumlddbmrbu67ev6s8t.avqs.mcafee.com e.35wv398iew1kdub6t35lbmwhbj.avqs.mcafee.com e.3amrhtqqbkvkbbqr8igcajdubv.avqs.mcafee.com 4
5 McAfee Global Threat Intelligence File Reputation Query for suspicious exe, pdf, apk files. suspicious: e.g., packed exe e.11dfrin96mcqal3p534njpwplq.avqs.mcafee.com Version and product information File hash Fingerprint information Environmental information 5
6 Google p2.a22a43lt5rwfg.ihg5ki5i6q3cfn3n i1.ds.ipv6-exp.l.google.com p2.a22a43lt5rwfg.ihg5ki5i6q3cfn3n i2.v4.ipv6-exp.l.google.com p2.a22a43lt5rwfg.ihg5ki5i6q3cfn3n s1.v4.ipv6-exp.l.google.com p2.a22antzfkdg5g.nay6cy6qq26fr64b i1.v4.ipv6-exp.l.google.com p2.a22antzfkdg5g.nay6cy6qq26fr64b i2.ds.ipv6-exp.l.google.com p2.a22bc6fi6edwk.qa2gdjd72sdbycs i1.ds.ipv6-exp.l.google.com p2.a22bc6fi6edwk.qa2gdjd72sdbycs i2.v4.ipv6-exp.l.google.com p2.a22bc6fi6edwk.qa2gdjd72sdbycs s1.v4.ipv6-exp.l.google.com p2.a22cax6c5l5h2.7s2llcerkgtvdu5f i2.ds.ipv6-exp.l.google.com p2.a22cax6c5l5h2.7s2llcerkgtvdu5f s1.v4.ipv6-exp.l.google.com 6
7 Google IPv6 Experiment Search request Search results + background load Background request *.ipv6-exp.l.google.com p2.a22a43lt5rwfg.ihg5ki5i6q3cfn3n i1.ds.ipv6-exp.l.google.com Recorded information: IPv4 and IPv6 addresses, as applicable Image request latency Browser/OS details (User-Agent string) 7
8 esoft load-0-p-01.up mem p-50.swap p device.trans.manage.esoft.com load-0-p-49.up mem p-49.swap p device.trans.manage.esoft.com load-0-p-90.up mem p-19.swap p device.trans.manage.esoft.com load-0-p-08.up mem p-29.swap p device.trans.manage.esoft.com load-0-p-01.up mem p-29.swap p device.trans.manage.esoft.com load-0-p-01.up mem p-39.swap p device.trans.manage.esoft.com load-0-p-05.up mem p-39.swap p device.trans.manage.esoft.com load-0-p-56.up mem p-43.swap p device.trans.manage.esoft.com load-0-p-38.up mem p-50.swap p device.trans.manage.esoft.com load-0-p-13.up mem p-41.swap p device.trans.manage.esoft.com 8
9 Characteristics of Disposable Domains Automatically generated One-time use pattern Signaling Share same name suffix E.g., ipv6-exp.l.google.com Disposable Zones Individual Domain Low average cache hit rate Over 90% of cache hit rates for domains under disposable zones are zero Cache hit rates for domains under non-disposable zones are evenly distributed 9
10 Why do we care about disposable domain names (and effectively zones)? 10
11 Impact of Disposable Domains DNS Caching heavy load, premature eviction of useful domains hierarchical cache DNSSEC-Enabled Resolvers be careful about implementation, e.g. verification Passive DNS Databases storage requirement query-response latency 11
12 Measure Disposable Domains Different than traditional content delivery? How prevalent? Growth? Implication? 12
13 Outline Data Collection and Analysis Defining Disposable Domains Mining Disposable Domains Results Discussion 13 Conclusion
14 DNS Resolution Recursive DNS Server Cluster A? Server) A? Stub Resolver IN A com. TLD Below IN A Above example.com. 14
15 Notation Resource Record {t, r, d, qtype, ttl, rdata} t timestamp r anonymized IP address of host that issued the query d queried domain name qtype type of query ttl time-to-live value rdata resolved data Given the domain name d = TLD(d) = com, 2LD(d) = example.com, and 3LD(d) = We use the notion of zone loosely, it can be 2LD, 3LD, or any Nth-level domain. 15
16 Dataset Full passive DNS (fpdns) dataset A mid-western city in US, Comcast, RDNS Server Cluster 02/01/2011 to 02/07/2011, 09/02/2011, 09/13/2011, 11/14/2011, from 11/28/2011 to 12/10/2011, and 12/30/2011. (24 days) A NS CNAME 2.67TB Reduced passive DNS (rpdns) dataset De-duplication 11/28/2011 to 12/10/ to 9 GB/Day 16
17 17 DNS Traffic Volume
18 DNS Traffic Volume Observation 1: Positive Caching. 10^6 Above RDNS Servers 10^7 Below RDNS Servers 18
19 DNS Traffic Volume Observation 2: Diurnal Effect heavy load times! 10 AM Midnight 19
20 DNS Traffic Volume Observation 3: Google + Akamai < Half Traffic. 20
21 DNS Traffic Volume Observation 4: No Negative Caching. [RFC2308] NXDOMAIN: 40% NXDOMAIN: 6% 21
22 22 DNS Long Tail of Lookup Volume
23 DNS Long Tail of Lookup Volume Observation 1: More than 90% of all RRs have lookup volumes lower than 10. Observation 2: Long tail of lookup volume increased from 90% to 94% in Lookups 23
24 DNS Cache Hit Rate Black Box Analysis Domain Hit Rate Total query: answers seen below the RDNS cluster Cache miss: answers issued to the RDNS cluster observed above them Cache hit: total query - cache miss Cache Hit Rate 24
25 25 Domain Hit Rate Distribution
26 Domain Hit Rate Distribution Observation 1: 89% of all RRs have domain hit rate of 0%. Observation 2: Long tail of domain hit rate increased from 89% to 93% in % 26
27 27 Cache Hit Rate Distribution
28 Cache Hit Rate Distribution Observation: 58% cache hit rates are lower than 50%. 58% 28
29 29 DNS Deduplication
30 DNS Deduplication Log Scale Observation 1: The number of new RRs observed every day decreased by 13,614,102 (30%) on the 13th consecutive day. 30
31 DNS Deduplication Log Scale Observation 2: Number of new Akamai RRs dropped by 128,957 (69%) records on the 13th day. 31
32 DNS Deduplication Log Scale Observation 3: Google increases its daily new RRs by 4,264,585 (25%) on the 13th consecutive day. 32
33 Outline Data Collection and Analysis Defining Disposable Domains Mining Disposable Domains Results Discussion 33 Conclusion
34 Disposable Domains Definition Successfully resolved domain names that have the following two properties: Their name strings are automatically generated. Namely, some software generates them with an algorithm. The RRs under a given zone are only observed once, or a handful of times, when they are in the recursive DNS servers cache. More formally, the RRs of child domains under the zone have a low or close to zero median value in cache hit rate distribution. 34
35 Training Dataset 398 disposable zones 401 non-disposable zones Randomly selected 2LD zones from the top 1,000 Alexa domain names 35
36 Zone Structure Algorithm-generated string can be anywhere in the domain name e. 11dfrin96mcqal3p534njpwplq.avqs.mcafee.com p2.a22a43lt5rwfg.ihg5ki5i6q3cfn3n i1.ds.ipv6- exp.l.google.com load-0-p-01.up mem p-50.swap p device.trans.manage.esoft.com Domains generated by the same algorithm are under the same zone, and have same number of periods Intuition for Domain Name Tree 36
37 37 Cache Hit Rate Distribution
38 Cache Hit Rate Distribution 90% Observation 1: 90% of cache hit rates from disposable RRs are zero. 38
39 Cache Hit Rate Distribution Observation 2: Half of cache hit rates from non-disposable RRs are over % 39
40 Cache Hit Rate Distribution Observation 2: Half of cache hit rates from non-disposable RRs are over % 40
41 Outline Data Collection and Analysis Defining Disposable Domains Mining Disposable Domains Results Discussion 41 Conclusion
42 Disposable Zone Miner FpDNS Disposable Zone Miner Domain Name Tree Builder Disposable Domain Classifier Disposable Zone Ranking 1.a.example.com a.example.com com root net example.com b.example.com c.example.com 4.b.example.com 2.a.example.com 3.a.example.com i.1.a.example.com depth 3 depth 4 depth 5 Six Tree Structure Features Two Cache Hit Rate Features 42
43 Domain Name Tree a.example.com, i.1.a.example.com, 2.a.example.com, 3.a.example.com, 4.b.example.com, and c.example.com 43
44 Domain Name Tree Non-leaf node root 1.a.example.com a.example.com com net example.com b.example.com c.example.com depth 3 depth 4 depth 5 Leaf node 4.b.example.com 2.a.example.com 3.a.example.com i.1.a.example.com 44
45 Domain Name Tree root a.example.com com net example.com b.example.com 1.a.example.com c.example.com Child nodes of a.example.com 4.b.example.com 2.a.example.com 3.a.example.com depth 3 depth 4 depth 5 i.1.a.example.com 45
46 Domain Name Tree root a.example.com Descendants of example.com 1.a.example.com com net example.com b.example.com c.example.com depth 3 depth 4 depth 5 2.a.example.com 4.b.example.com 3.a.example.com i.1.a.example.com 46
47 Domain Name Tree root 1.a.example.com a.example.com com net example.com b.example.com c.example.com depth 3 depth 4 depth 5 2.a.example.com 4.b.example.com 3.a.example.com i.1.a.example.com 47
48 Groups G 3 = {a.example.com, c.example.com} G 4 = {2.a.example.com, 3.a.example.com, 4.b.example.com} G 5 ={i.1.a.example.com} Set of labels for each G k L 3 = {a,c}, L 4 = {a,b}, and L 5 = {a} 48
49 Tree Structure Features For each set G k, we calculate corresponding set L k. Let the Shannon entropy of characters in the label l be H(l). For all the labels l i (i = 1...m) in set L k we compute the entropy values H (l i ). Cardinality m of the set L k Maximum Minimum Average Median Variance of all H(l i ) values. 49
50 Cache Hit Rate Features From the cache hit rate distribution of each set G k. Median Percentage of RRs with zero cache hit rate 50
51 Classify G 3 = {a.example.com, c.example.com} G 4 = {2.a.example.com, 3.a.example.com, 4.b.example.com} G 5 ={i.1.a.example.com} 51
52 Domain Name Tree G 3 = {a.example.com, c.example.com} likely to be disposable! root 1.a.example.com a.example.com com net example.com b.example.com c.example.com depth 3 depth 4 depth 5 2.a.example.com 4.b.example.com 3.a.example.com i.1.a.example.com 52
53 Domain Name Tree G 3 = {a.example.com, c.example.com} likely to be disposable! root 1.a.example.com a.example.com com net example.com b.example.com c.example.com depth 3 depth 4 depth 5 2.a.example.com 4.b.example.com 3.a.example.com i.1.a.example.com 53
54 Classifier LAD tree True Positive 97% False Positive 1% 54
55 55 Algorithm
56 Outline Data Collection and Analysis Defining Disposable Domains Mining Disposable Domains Results Discussion 56 Conclusion
57 Results Disposable Zone Miner was run over 02/01/2011, 09/02/2011, 09/13/2011, 11/14/2011, 11/29/2011, 12/30/ ,397 2LDs including 14,488 disposable zones using disposable domains with over 90% confidence 57
58 Prevalence Popular websites labelled: Google, Microsoft AV/DNSBL labelled: McAfee, Sophos, Sonicwall new: countries.nerd.dk, Spamhaus, Mailshell, sorbs.net Social Network labelled: Facebook, Myspace new: photobucket, msn, linkbucks, torn, vkontakte, Quora Streaming Services labelled: Netflix P2P services new: Skype Tracking services new: esomniture.com Ad networks new: AdSense, Bluelink Marketing E-commerce business labelled: Paypal new: ClickBank 58
59 Skype aa0pt04dj0srjvtcrjjbzbyf3bb2kpptqb6qjh6cxq6yda4byamuzumlnqgq.vnkubl40ma3rkskoemnx3p2c2qxbjcwwpjz0zojdc4zxtz2avg0ap5okcjnt.2pttogpgckb36w6z203vyffor5keyyvylhe41gkxoq0l6nlxqgnuqaklo4gg.dtntv2qagsuvwt3nelfuresdvnvouyzu31ur65kczmt43mz2vyzl.sa.skype.net aa1flkw2x04oggqgp2ltmh3gfyg6hthvevufbozvokg6f3ybrulsvwwqmphg.1payh4gntmwk4p3rmq5jepahusks2krfa0wuxzn1e1bkzz624lke0aonxbgk.4db55waheppd5vgwyfdtwkmfhtocmr0ee66wz1hrhoyq4p65pubmtcttrmxh.rtt0k4bkwjafw41css2ymwjhwfaqy1zf14n13ao2jgjrjbrowyzr.sa.skype.net aa1uw2qznoadmcfkruyvnomhfjue1cq4pr0a3zsjn66z2sp5jpekl420315s.o1zznxcrtx143fjcuanb1nx4w2aehocepm3m1tdknuqlu02jwgtyrvuea5qm.myzpjf0nzlrpk46osk0m6n3dl32kvkfnobc0eobnunk65opfqc3zraq50ut3.0klfz24gaw6rhyvy2jjd6olc613v5f14l0cb2ppvhv4hj4ge5z4g.sa.skype.net aa344vrgfutcxvyuv4jshy2zzmhfeeb1jto0ekp1vxr0pdb666edh54cwmng.2zpmz0cdlcb4kzs0e551tkmynpoeewyweg4q1gdnecb545jvc1wme30me3w1.yog265e04nc26kl1jkyrnbrkf55ze2d6khwfpwhxbqjalruwnp61414czdx2.fqu0nap4fqs3a22v16hf1fudshsfhwhsz02abhk6hs41q4oz5d3e.sa.skype.net aa4nsp6mftelf1j0qj1km6dwhanb1k45kemfyf2axvszr5tjxwhx04vbvjxf.nav1qr2b0stm00mjm5lfcjek24bkdxggf5dqxw2n0epgg31dfl20nvn2o4tt.mz5dgb2ql4ektaeepenvpyov6oygys03o3xbvhmoafvwtlkmjcxnun2q0ozu.krvbw6j0loehfovkbw4phbpttf3okv3o24ef3msrph5lbsgj0z4k.sa.skype.net aaa4sorlkuv4wxt4owbtxp24ge2puxwdul2vdhmnasoxy3y0xjflovkkzws4.s3ycv0eu6drun0j6jbrb2ps5nkhf2q6wcxbqqd43dgz3s3mxssrf5s63q5rv.nkysazqgfrwt2p1sdju5qgazdnamelkucplpfk0mywyyjrrkyh532yqutv05.zgl1c6yyquzvutkpbcfq4g04lu5xfkwydpysdqhhqels51tvzbhs.sa.skype.net aaehyrhoygrb2jydabdlr24vwejp6x4nxd6bhlwsm5curofr0xtgj3yuc5pw.knxdnfsf3pqszmznxsaoejmo3qg3dd62l3wy5jha62omvote6akyza1f3uoj.u1jt2w0b2w653duh3abssmvnnejd4ytb6lqpucc2xtrgohem2syysros6vox.2t5gt6yy02olmabrpa1apgo5ckwefn1qfpptz0hcpfqw0k3k2fgv.sa.skype.net aagjnzyxe3w5n0c5htbbtkqmpebfqugqffe31vywd2xhqwprng61kba1zxub.myv4bkoa4gsryo60c2selcbmnyb0k2ccjmmdhhgjsxrsj0qsg2fypsdbpsdv.enrn3n3a4wtg6kzarermk5jkct02tot2dpl4lqlwbtj1bqkmbdluruuqve3b.cy53yp6zpkq4ocu4wyfckkkazfhb2bqd3wvf65dcxb4ffs6p0w2b.sa.skype.net aah3gpwzjmyx5hzmwkh0ph1cev61krear2ja0xqgstmwtdgdwobqfb1mjxcn.5hopa3cbwbtbsmrv1xshgsr0621h3jvyphvokw6dvqlhl5py32dc41cghkpk.g6bjxys52rvx566fppjh5o3ft4oqryldlxa4k0mn2z2ja1w4a04bbakttv2g.oh3skutu6u2qzkyto6mo16a32esfwr0amdytgjz6fzzj6n56smfh.sa.skype.net aajptdjoadjp0go20vzc5mfdzyxnd41nqdvm0j33tu43zfvoxa1w6wjh0tye.b0zfmgawl1gmaeotdp0hc5eskxzgkpbceydpzxn3yegvx1xvfdsba3x4gz3m.ybp3u5ryhd6vxb01hd3zfolhnzzt36vxwt5j040ambxoxlac1h3cehcdmrbt.chspylpxszhjbfok3zseeycjn3t2v2qx6wvrft2pe2mgtjcellr4.sa.skype.net aakrre11hxcfpuoqg4c0ydxhsm3yhmny6oxqf5ozwuonplzebtyze2s1sryv.tcywvoymp6mbqclb2g2ezwbp0nwpl0dbwnl6ovrembxuqnthrza4e4xsns2e.yvcgm5fhkgd2x53b5yxdsn2lphclvqcprqlxqow0wg4ul05c004tmyuowouq.2rbrgaephjanelkvpo1qbo4xm641mrfngm4clmrhovgfuv5r6g2v.sa.skype.net aane6nuck4zm1lqlywmmsot1nlmuydnlsqzdlyzbe0pukc1dyecfz54gn0fj.jb4jjmbh4gt4qmo65s55nkwglwvxw6rqll1zohw4dcr21zykbxt6dhxaxnal.3tt5f6aq3qnaonjtkb1nmc3l61w4gtg3j2ncvfc6se61cq1vw5hp1fuuytrt.xnwoynnu3t5dqzc5y4p3fvoup32wl2q5rumvm2xzoyzj03rly2az.sa.skype.net aanscdbeyfjl2lhfjeyvmthapfm6mjjc1scj4bclknxes0zx2znsypqoyvl4.0xuk3x4cs4mqk2ayfgh0t44d1j36psutxf0gdxc5en52ww10bp306ndmwwjz.n4q1zvaye6lpek2fz6kr5aduefpwugxcd5thbwjrvsk1fmg6l5dbwenj5uok.60eryahhznmgmj4b1kljkp2y1juuauc41pj0xyjsgbtoc6r1y3dt.sa.skype.net aaoy6yp53dbfclsvcc1nd3rsedxttzsfv641o6e0b3g5elupem3cv1yo22mp.m3mr1cpbro0vlbnetyw4zdjfslcmrlwehpvtjgocwlz0mgn0e5rawtrc0rh5.g3stu5ydwr3vwasv23xwzhauankmywfjszqhydnsu06qfmj00qgyjv3w1ute.jebmg1oy1oo4uj2hk0s3m1su4sdudxtxzxuean66ghjt4xpj5zzv.sa.skype.net aazxuqkonmubvnsdcjf3qx2t5q1dal00cur3zm4uxpsfchraczx1bftzlrnv.60m00nepwfhenm4a1hvmkfqraq0ybrsrrn022zbn3gtn3gsspmgsnqxjbxuw.z3lw5zqh2czmqsz53sozpxjn1dgv266r4p2ku4lwjyr53lcz0cm5hcf1mau3.p5xawwxq3qxfalejyf55s310enpbwttkro0rjylxo6c6qygun0u1.sa.skype.net ab4dv4s1am3okusl6uhnz1hst5fjes4wcz5agnmvmhu0nm6yksudzdngabgq.ykjdujvbz6eztehl4qhsyml5hx0xs361uyx1prs6blecwdnpgt4bwrw4dgcy.ubtysuwbvb4do4efp5g56xnr556qljsbml6vcgkn4rru14ptmrtc4lvbro3c.ahkx2kxn1z4qyetbhxfgmlup3xg0klg22ec5dhrwmtsw3q6bsnwv.sa.skype.net abczh6b55n4qowa3cvuo0sekw0ud0vmcgm0er05exeh6sq4c2rwfzyypy6b2.nae3qb35l4dm5delam1ue2owonl1xpcusfluqeosq25vnk5wvl15vqyjaw10.46vlbfhnn5lyuk6c5sv3v6dlf43afo5s6ygcj4zpp0zzxhb2gvoda5ot1gsh.cfnbs5uac3tght0ctutmzfrj5gqtc5fsyj6z4504dqvshluy1v6j.sa.skype.net abdno2lardhe543ockcmoqx45zhe1avpqr0ddn2dhjl2wdogj0v31qz0cuyv.vgvp5tudahbfjwx623vsdtl5a6vo3dv3wx6yxh5lnhhcxl6rx31gullfghw6.u50ewdtx6dxqbz6rl6pzgdwxsqh2sahwgvhxgg1zgnh2r1ho1kcfafpjn0po.ubh3nzbvux3ejf4wjubxgj1ewd5r2up4ycw4l3glnx61xdwzvhoj.sa.skype.net abgdq52put14suq5dt0mox0ktjn61ub5ke1uaxr4gxbq5ou25xyjqz6t45qj.1t0p0q1nwurjzy0w4blusfrhnq1ru05oylv20oh2zf5rundjux64xteedt6x.bugmunulv0eo0pnwvx1m5wnrjt0posdn3ubpoz4oyl6uq4l2rdmjudcmtan4.p3s6f0ddbn0g1kvonub0dncqaxw5okaf3bqv2ht3v1b4s2kugpjk.sa.skype.net abj60ado5tfoakco4h64sgnpydgdmfbnvfgdx6oecky4d1qoqwx64dgyrfjz.rbrjtud4nrvxqngkyh65yozt2snsblqxnmxy3d3qjburkg16j2lgfp2331d3.1r636wajxnvp44q2kg2jkv002xamogwr0yzltazv6vnmlqvf0ezlzv03gsdr.l0hsywzhlny2f6s4m2g6frokzdulrrh4wwrrwnegp0enlodkcbjd.sa.skype.net abnkczhtwjz665ljd3hz26u16p2x6gmtxkgfgfh5ta66zy1f2dh21tanexfs.bjpp3ck4f6pgk3xqzlffszd06xads50bq0e514qpyoersqkwbblcz04dk1en.o43baxsrrv2ahs0tbg3fa3g2mbku6wav604pl0d515b5rvytnp33cxwhbhoy.rrlnhnzojsf1jwcdxjcnfmb0to5xorxbpqaw5d4xo212p0bexm4u.sa.skype.net abqnhh4gx6mheee4y3mbkl12feec5el53r02mrd52slo5t2j1hw6fdoltgbv.6eptmuf5wognlgrzjssnxmz05sw35v16wyyxuar6pm64bddpx35sumot2gvg.o5ftozwlcqaqulqldydrtt62rtj3pjldsekxooplp5uo34rz135l6j2vpawm.sr2nyl2yb5tr32va604hee0dongdq3uoughh6yjog1jdqmqd06u2.sa.skype.net 59
60 Disposable domains and CDN 91 (0.6%) of 14,488 disposable zones were related to content delivery networks (CDNs). 24 (5.3%) of 451 CDN 2LDs (customized list of CDNs) are classified as disposable. False positives Extremely unpopular content Different level of service 60
61 61 Growth
62 Growth Observation 1: Among daily unique queried domains seen below the RDNSs, disposable domains increased from 23.1% to 27.6%. 62
63 Growth Observation 2: Among daily unique resolved domains seen below the RDNSs, disposable domains increased from 27.6% to 37.2%. 63
64 Growth Observation 3: Percentage of daily unique disposable RRs increased from 38.3% to 65.5%. 64
65 65 Growth in DNS Long Tail
66 66 Growth in DNS Long Tail
67 Outline Data Collection and Analysis Defining Disposable Domains Mining Disposable Domains Results Discussion 67 Conclusion
68 Discussion DNS Caching Human Diurnal Behavior heavy load, premature eviction of useful domains in cache hierarchical cache 68
69 Time-to-live Histogram 2.0e+07 Time to live for Disposable Domains 1.5e+07 Frequency 1.0e+07 month December February 5.0e e+00 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 TTL 69
70 Time-to-live Histogram Frequency 2.0e e e+07 Time to live for Disposable Domains Domain owners switched to use relatively larger TTL values over time. Recursive DNS software enforce minimum time of caching, even when the TTL is set to zero [RFC 1536], [RFC 1912]. month December February 5.0e e+00 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 TTL 70
71 Discussion DNS Caching heavy load, premature eviction of useful domains in cache hierarchical cache DNSSEC-Enabled Resolvers be careful about implementation, e.g. verification Passive DNS Databases storage requirement query-response latency 71
72 72 New Resource Records over 13 days
73 New Resource Records over 13 days Using wildcard in the storage scheme, we can reduce 129,674,213 distinct disposable resource records to 945,065 (0.7%). 73
74 Conclusion We presented a study from large scale DNS traffic traces collected at Comcast serving millions of end users. We proposed a novel algorithm to measure DNS zones that extensively use disposable domains. We discussed the possible negative implications that disposable domains may have on the DNS caching infrastructure, DNSSEC-validating resolvers, and passive DNS data collection systems. 74
DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic
DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic Yizheng Chen, Manos Antonakakis, Roberto Perdisci, Yacin Nadji, David Dagon, Wenke Lee College of Computing, Georgia Institute
More informationNext-Generation DNS Monitoring Tools
Next-Generation DNS Monitoring Tools Cyber Security Division 2012 Principal Investigators Meeting October 9, 2012 Wenke Lee and David Dagon Georgia Institute of Technology wenke@cc.gatech.edu 404-808-5172
More informationInternet Monitoring via DNS Traffic Analysis. Wenke Lee Georgia Institute of Technology
Internet Monitoring via DNS Traffic Analysis Wenke Lee Georgia Institute of Technology 0 Malware Networks (Botnets) 1 From General-Purpose to Targeted Attacks 11/14/12 2 Command and Control l Botnet design:
More informationPreetham Mohan Pawar (1000919136)
Charles Lever, Manos Antonakakis, Brad Reaves, Patrick Traynor, Wenke Lee Presented By:- Preetham Mohan Pawar (1000919136) University of Texas, Arlington CSE Introduction. Basic concepts.( DNS ) Mobile
More informationWeek 3 / Paper 2. Bernhard Ager, Wolfgang Mühlbauer, Georgios Smaragdakis, Steve Uhlig ACM IMC 2010.
Week 3 / Paper 2 Comparing DNS Resolvers in the Wild Bernhard Ager, Wolfgang Mühlbauer, Georgios Smaragdakis, Steve Uhlig ACM IMC 2010. Main point How does ISP DNS compare with Google DNS and OpenDNS?
More informationInformation- Centric Networks. Section # 3.2: DNS Issues Instructor: George Xylomenos Department: Informatics
Information- Centric Networks Section # 3.2: DNS Issues Instructor: George Xylomenos Department: Informatics Funding These educational materials have been developed as part of the instructors educational
More informationDetecting Malware Domains at the Upper DNS Hierarchy
Abstract Detecting Malware Domains at the Upper DNS Hierarchy Manos Antonakakis *, Roberto Perdisci, Wenke Lee *, Nikolaos Vasiloglou II, and David Dagon * Damballa Inc. {manos,nvasil}@damballa.com * Georgia
More informationThe secret life of a DNS query. Igor Sviridov <sia@nest.org> 20120522
The secret life of a DNS query Igor Sviridov 20120522 Preface Nowadays, when we type URL (or is it a search string? ;-) into a browser (or mobile device) many things happen. While most of
More informationDomain Name System. CS 571 Fall 2006. 2006, Kenneth L. Calvert University of Kentucky, USA All rights reserved
Domain Name System CS 571 Fall 2006 2006, Kenneth L. Calvert University of Kentucky, USA All rights reserved DNS Specifications Domain Names Concepts and Facilities RFC 1034, November 1987 Introduction
More informationLecture 2 CS 3311. An example of a middleware service: DNS Domain Name System
Lecture 2 CS 3311 An example of a middleware service: DNS Domain Name System The problem Networked computers have names and IP addresses. Applications use names; IP uses for routing purposes IP addresses.
More informationPart 5 DNS Security. SAST01 An Introduction to Information Security 2015-09-21. Martin Hell Department of Electrical and Information Technology
SAST01 An Introduction to Information Security Part 5 DNS Security Martin Hell Department of Electrical and Information Technology How DNS works Amplification attacks Cache poisoning attacks DNSSEC 1 2
More informationBasheer Al-Duwairi Jordan University of Science & Technology
Basheer Al-Duwairi Jordan University of Science & Technology Outline Examples of using network measurements /monitoring Example 1: fast flux detection Example 2: DDoS mitigation as a service Future trends
More informationA Centralized Monitoring Infrastructure for Improving DNS Security
A Centralized Monitoring Infrastructure for Improving DNS Security Manos Antonakakis, David Dagon, Xiapu Luo, Roberto Perdisci, Wenke Lee, and Justin Bellmor {manos, dagon, csxpluo, perdisci, wenke}@cc.gatech.edu,
More informationComputer Networks: Domain Name System
Computer Networks: Domain Name System Domain Name System The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses DNS www.example.com 208.77.188.166 http://www.example.com
More informationInternetworking with TCP/IP Unit 10. Domain Name System
Unit 10 Domain Name System Structure 10.1 Introduction 10.2 Fully Qualified Domain Names (FQDNs) Generic Domains Country Domains 10.3 Mapping domain names to IP addresses 10.4 Mapping IP Addresses to Domain
More informationUnderstanding DNS (the Domain Name System)
Understanding DNS (the Domain Name System) A white paper by Incognito Software January, 2007 2007 Incognito Software Inc. All rights reserved. Understanding DNS (the Domain Name System) Introduction...2
More informationMotivation. Domain Name System (DNS) Flat Namespace. Hierarchical Namespace
Motivation Domain Name System (DNS) IP addresses hard to remember Meaningful names easier to use Assign names to IP addresses Name resolution map names to IP addresses when needed Namespace set of all
More informationDecoding DNS data. Using DNS traffic analysis to identify cyber security threats, server misconfigurations and software bugs
Decoding DNS data Using DNS traffic analysis to identify cyber security threats, server misconfigurations and software bugs The Domain Name System (DNS) is a core component of the Internet infrastructure,
More informationThe Domain Name System
The Domain Name System Antonio Carzaniga Faculty of Informatics University of Lugano October 9, 2012 2005 2007 Antonio Carzaniga 1 IP addresses and host names Outline DNS architecture DNS process DNS requests/replies
More informationThe Domain Name System (DNS)
The Domain Name System (DNS) Each Internet host is assigned a host name and an IP address Host names are structured character strings, e.g., www.cs.iastate.edu IP addresses are 32 bit integers, e.g., 129.186.3.6
More informationAkamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013
Akamai CDN, IPv6 and DNS security Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013 Agenda Akamai Introduction Who s Akamai? Intelligent Platform & Traffic Snapshot Basic Technology Akamai
More informationBuilding a Dynamic Reputation System for DNS
Building a Dynamic Reputation System for DNS Manos Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee, and Nick Feamster College of Computing, Georgia Institute of Technology, {manos,rperdisc,dagon,wenke,feamster}@cc.gatech.edu
More informationEE 7376: Introduction to Computer Networks. Homework #3: Network Security, Email, Web, DNS, and Network Management. Maximum Points: 60
EE 7376: Introduction to Computer Networks Homework #3: Network Security, Email, Web, DNS, and Network Management Maximum Points: 60 1. Network security attacks that have to do with eavesdropping on, or
More informationThe Domain Name System
Internet Engineering 241-461 Robert Elz kre@munnari.oz.au kre@coe.psu.ac.th http://fivedots.coe.psu.ac.th/~kre DNS The Domain Name System Kurose & Ross: Computer Networking Chapter 2 (2.5) James F. Kurose
More informationDNS traffic analysis -- Issues of IPv6 and CDN --
DNS traffic analysis -- Issues of IPv6 and CDN -- Kazunori Fujiwara ^, Akira Sato, Kenichi Yoshida University of Tsukuba ^Japan Registry Services Co., Ltd (JPRS) July 29, 2012 IEPG meeting at Vancouver
More information3. The Domain Name Service
3. The Domain Name Service n Overview and high level design n Typical operation and the role of caching n Contents of DNS Resource Records n Basic message formats n Configuring/updating Resource Records
More informationDNS at NLnet Labs. Matthijs Mekking
DNS at NLnet Labs Matthijs Mekking Topics NLnet Labs DNS DNSSEC Recent events NLnet Internet Provider until 1997 The first internet backbone in Holland Funding research and software projects that aid the
More informationDNS and BIND. David White
DNS and BIND David White DNS: Backbone of the Internet Translates Domains into unique IP Addresses i.e. developcents.com = 66.228.59.103 Distributed Database of Host Information Works seamlessly behind
More informationDNS Conformance Test Specification For Client
DNS Conformance Test Specification For Client Revision 1.0 Yokogawa Electric Corporation References This test specification focus on following DNS related RFCs. RFC 1034 DOMAIN NAMES - CONCEPTS AND FACILITIES
More informationWE KNOW IT BEFORE YOU DO: PREDICTING MALICIOUS DOMAINS Wei Xu, Kyle Sanders & Yanxin Zhang Palo Alto Networks, Inc., USA
WE KNOW IT BEFORE YOU DO: PREDICTING MALICIOUS DOMAINS Wei Xu, Kyle Sanders & Yanxin Zhang Palo Alto Networks, Inc., USA Email {wei.xu, ksanders, yzhang}@ paloaltonetworks.com ABSTRACT Malicious domains
More informationNET0183 Networks and Communications
NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/2009 1 NET0183 Networks and Communications by Dr Andy Brooks DNS is a distributed database implemented in a hierarchy of many
More informationThe Internet Domain Name System
The Internet Domain Name System Hari Balakrishnan 6.829 Fall 2002 Goals DNS architecture How DNS works DNS uses Mail Content Distribution Networks (CDNs) DNS Performance How well does it work? Why does
More informationMeeting Worldwide Demand for your Content
Meeting Worldwide Demand for your Content Evolving to a Content Delivery Network A Lucent Technologies White Paper By L. R. Beaumont 4/25/01 Meeting Worldwide Demand for your Content White Paper Table
More informationIntroduction to the Domain Name System
CHAPTER 14 The Domain Name System (DNS) handles the growing number of Internet users. DNS translates names, such as www.cisco.com, into IP addresses, such as 192.168.40.0 (or the more extended IPv6 addresses),
More informationDevelopment of the Domain Name System. Joey Brown David Margolies
Development of the Domain Name System Joey Brown David Margolies Introduction DNS provides name service for the Internet 1982 - HOSTS.TXT Centrally maintained Too large Too costly to distribute Organizations
More informationContent Delivery Networks. Shaxun Chen April 21, 2009
Content Delivery Networks Shaxun Chen April 21, 2009 Outline Introduction to CDN An Industry Example: Akamai A Research Example: CDN over Mobile Networks Conclusion Outline Introduction to CDN An Industry
More informationTHE MASTER LIST OF DNS TERMINOLOGY. First Edition
THE MASTER LIST OF DNS TERMINOLOGY First Edition DNS can be hard to understand and if you re unfamiliar with the terminology, learning more about DNS can seem as daunting as learning a new language. To
More informationResponse Policy Zones for the Domain Name System (DNS RPZ) By Paul Vixie, ISC (et.al.) 2010 World Tour
Response Policy Zones for the Domain Name System (DNS ) By Paul Vixie, ISC (et.al.) 2010 World Tour Overview Motivation for DNS Response Policy Zones Relationship to DNS RBL (DNSBL) Constraints and Goals
More informationEarly Detection of Malicious Flux Networks via Large-Scale Passive DNS Traffic Analysis
JOURNAL OF L A T E X CLASS FILES, VOL. X, NO. X, JANUARY 201X 1 Early Detection of Malicious Flux Networks via Large-Scale Passive DNS Traffic Analysis Roberto Perdisci, Igino Corona, and Giorgio Giacinto
More informationTHE MASTER LIST OF DNS TERMINOLOGY. v 2.0
THE MASTER LIST OF DNS TERMINOLOGY v 2.0 DNS can be hard to understand and if you re unfamiliar with the terminology, learning more about DNS can seem as daunting as learning a new language. To help people
More informationThe Survey Report on DNS Cache & Recursive Service in China Mainland
The Survey Report on DNS Cache & Recursive Service in China Mainland Wei WANG, Chinese Academy of Sciences Zhiwei YAN, China Internet Network Information Center Motivation Improve the traditional recursive
More informationCopyright 2013 http://itfreetraining.com
Globalnames allow a domain name as short as.apple,.xbox and.intranet to be used. This video looks at how to configure Windows DNS to use names like these on your internal network and also how global names
More informationWe Know It Before You Do: Predicting Malicious Domains
We Know It Before You Do: Predicting Malicious Domains Abstract Malicious domains play an important role in many attack schemes. From distributing malware to hosting command and control (C&C) servers and
More informationAgenda. Network Services. Domain Names. Domain Name. Domain Names Domain Name System Internationalized Domain Names. Domain Names & DNS
Agenda Network Services Domain Names & DNS Domain Names Domain Name System Internationalized Domain Names Johann Oberleitner SS 2006 Domain Names Naming of Resources Problems of Internet's IP focus IP
More informationDefining and Signaling Relationships Between Domains
Defining and Signaling Relationships Between Domains Casey Deccio John Levine Abstract Various Internet protocols and applications require some mechanism for determining whether two Domain Name System
More informationAn Intrusion Detection System for Kaminsky DNS Cache poisoning
An Intrusion Detection System for Kaminsky DNS Cache poisoning Dhrubajyoti Pathak, Kaushik Baruah Departement of CSE, IIT Guwahati drbj153@alumni.iitg.ernet.in, b.kaushik@iitg.ernet.in Abstract : Domain
More informationDomain Name System 2015-04-28 17:49:44 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
Domain Name System 2015-04-28 17:49:44 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Domain Name System... 4 Domain Name System... 5 How DNS Works
More informationDNSSEC - Why Network Operators Should Care And How To Accelerate Deployment
DNSSEC - Why Network Operators Should Care And How To Accelerate Deployment Dan York, CISSP Senior Content Strategist, Internet Society Eurasia Network Operators' Group (ENOG) 4 Moscow, Russia October
More informationTeldat Router. DNS Client
Teldat Router DNS Client Doc. DM723-I Rev. 10.00 March, 2003 INDEX Chapter 1 Domain Name System...1 1. Introduction...2 2. Resolution of domains...3 2.1. Domain names resolver functionality...4 2.2. Functionality
More informationDomain Name System (DNS) Fundamentals
Domain Name System (DNS) Fundamentals Mike Jager Network Startup Resource Center mike.jager@synack.co.nz These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International
More informationDNS. Some advanced topics. Karst Koymans. (with Niels Sijm) Informatics Institute University of Amsterdam. (version 2.6, 2013/09/19 10:55:30)
DNS Some advanced topics Karst Koymans (with Niels Sijm) Informatics Institute University of Amsterdam (version 2.6, 2013/09/19 10:55:30) Friday, September 13, 2013 Karst Koymans (with Niels Sijm) (UvA)
More informationConfiguring DNS. Finding Feature Information
The Domain Name System (DNS) is a distributed database in which you can map hostnames to IP addresses through the DNS protocol from a DNS server. Each unique IP address can have an associated hostname.
More informationHow To Manage Dns On An Elfiq Link Load Balancer (Link Balancer) On A Pcode (Networking) On Ipad Or Ipad (Netware) On Your Ipad On A Ipad At A Pc Or Ipa
White paper The IDNS module for incoming load balancing For Elfiq Operating System (EOS) version 3.x Document Revision 1.5 October 2007 Elfiq Solutions www.elfiq.com COPYRIGHT The content of this document
More informationPresented by Greg Lindsay Technical Writer Windows Server Information Experience. Presented at: Seattle Windows Networking User Group April 7, 2010
Presented by Greg Lindsay Technical Writer Windows Server Information Experience Presented at: Seattle Windows Networking User Group April 7, 2010 Windows 7 DNS client DNS devolution Security-awareness:
More informationDistributed Systems. 09. Naming. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 09. Naming Paul Krzyzanowski Rutgers University Fall 2015 October 7, 2015 2014-2015 Paul Krzyzanowski 1 Naming things Naming: map names to objects Helps with using, sharing, and communicating
More informationDetecting Search Lists in Authoritative DNS
Detecting Search Lists in Authoritative DNS Andrew Simpson March 10 th, 2014 Summary Early research into name collisions has postulated that search list interaction drives some portion of the DNS requests
More informationRequest Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS
White paper Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS June 2001 Response in Global Environment Simply by connecting to the Internet, local businesses transform themselves
More informationDNS/DNSSEC loose ends
DNS/DNSSEC loose ends Karst Koymans & Niels Sijm Informatics Institute University of Amsterdam Friday, September 21, 2012 Karst Koymans & Niels Sijm (UvA) DNS/DNSSEC loose ends Friday, September 21, 2012
More informationHow To Understand The Power Of A Content Delivery Network (Cdn)
Overview 5-44 5-44 Computer Networking 5-64 Lecture 8: Delivering Content Content Delivery Networks Peter Steenkiste Fall 04 www.cs.cmu.edu/~prs/5-44-f4 Web Consistent hashing Peer-to-peer CDN Motivation
More informationUnderstand Names Resolution
Understand Names Resolution Lesson Overview In this lesson, you will learn about: Domain name resolution Name resolution process steps DNS WINS Anticipatory Set 1. List the host name of 4 of your favorite
More informationAkamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies APNIC 36 26 th August 2013
Akamai CDN, IPv6 and DNS security Christian Kaufmann Akamai Technologies APNIC 36 26 th August 2013 Agenda Akamai Introduction Who s Akamai? Intelligent Platform & Traffic Snapshot Basic Technology Akamai
More informationDeploying DNSSEC: From End-Customer To Content
Deploying DNSSEC: From End-Customer To Content March 28, 2013 www.internetsociety.org Our Panel Moderator: Dan York, Senior Content Strategist, Internet Society Panelists: Sanjeev Gupta, Principal Technical
More informationJohn S. Otto Fabián E. Bustamante
John S. Otto Fabián E. Bustamante Northwestern, EECS AIMS-4 CAIDA, SDSC, San Diego, CA Feb 10, 2012 http://aqualab.cs.northwestern.edu ! CDNs direct web clients to nearby content replicas! Several motivations
More informationDNS Footprint of Malware
DNS Footprint of Malware Ed Stoner ers@cert.org CERT Network Situational Awareness 2010 Carnegie Mellon University Anexa Automated Run-Time Analysis environment Malicious Software Catalog of millions of
More informationMonitoring cache poisoning attacks
Monitoring cache poisoning attacks 2008 OARC Workshop Tsuyoshi TOYONO and Keisuke ISHIBASHI NTT Information Sharing Platform Labs. NTT 1 Outline Motivation Issues on caching servers Monitoring tool: Methodology
More information- Domain Name System -
1 Name Resolution - Domain Name System - Name resolution systems provide the translation between alphanumeric names and numerical addresses, alleviating the need for users and administrators to memorize
More informationDNS Abuse Handling. Champika Wijayatunga APRICOT2015 Fukuoka Japan Feb 2015
DNS Abuse Handling Champika Wijayatunga APRICOT2015 Fukuoka Japan Feb 2015 Acknowledgements Dave Piscitello Vice President, Security and ICT Coordination ICANN 2 2 Agenda 1 2 3 Brief Overview of DNS Defining
More informationDomain Name System (DNS) Session-1: Fundamentals. Ayitey Bulley abulley@ghana.com
Domain Name System (DNS) Session-1: Fundamentals Ayitey Bulley abulley@ghana.com Computers use IP addresses. Why do we need names? Names are easier for people to remember Computers may be moved between
More informationMeasuring the Web: Part I - - Content Delivery Networks. Prof. Anja Feldmann, Ph.D. Dr. Ramin Khalili Georgios Smaragdakis, PhD
Measuring the Web: Part I - - Content Delivery Networks Prof. Anja Feldmann, Ph.D. Dr. Ramin Khalili Georgios Smaragdakis, PhD Acknowledgement Material presented in these slides is borrowed from presentajons
More informationLesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division
Lesson 13: DNS Security Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Introduction to DNS The DNS enables people to use and surf the Internet, allowing the translation
More informationDNS. The Root Name Servers. DNS Hierarchy. Computer System Security and Management SMD139. Root name server. .se name server. .
Computer System Security and Management SMD139 Lecture 5: Domain Name System Peter A. Jonsson DNS Translation of Hostnames to IP addresses Hierarchical distributed database DNS Hierarchy The Root Name
More informationReverse DNS considerations for IPv6
Reverse DNS considerations for IPv6 Kostas Zorbadelos OTE David Freedman - ClaraNet Reverse DNS in IPv4 Every Internet-reachable host should have a name Make sure your PTR and A records match. For every
More informationDistributed Systems. 22. Naming. 2013 Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 22. Naming Paul Krzyzanowski Rutgers University Fall 2013 November 21, 2013 2013 Paul Krzyzanowski 1 My 15 MacBook Pro The rightmost computer on my desk Paul s aluminum laptop, but
More informationMaking the Internet fast, reliable and secure. DE-CIX Customer Summit - 2014. Steven Schecter <schecter@akamai.com>
Making the Internet fast, reliable and secure DE-CIX Customer Summit - 2014 Steven Schecter What is a Content Distribution Network RFCs and Internet Drafts define a CDN as: Content
More informationApplication and service delivery with the Elfiq idns module
Technical White Paper Application and service delivery with the Elfiq idns module For Elfiq Operating System (EOS) version 3.x Document Revision 1.63 June 2012 Table of Contents 1. The IDNS module... 3
More informationClassifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy. 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs
Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs Motivation Network resources are consumed by a small number
More informationDNSSEC Applying cryptography to the Domain Name System
DNSSEC Applying cryptography to the Domain Name System Gijs van den Broek Graduate Intern at SURFnet Overview First half: Introduction to DNS Attacks on DNS Second half: DNSSEC Questions: please ask! DNSSEC
More informationSTATE OF DNS AVAILABILITY REPORT
STATE OF DNS AVAILABILITY REPORT VOLUME 1 ISSUE 1 APRIL 2011 WEB SITES AND OTHER ONLINE SERVICES ARE AMONG THE MOST IMPORTANT OPERATIONAL AND REVENUE GENERATING TOOLS FOR BUSINESSES OF ALL SIZES AND INDUSTRIES.
More informationProtection of DNS using HAVAL
International Journal of Electronics and Computer Science Engineering 972 Available Online at www.ijecse.org ISSN- 2277-1956 Protection of DNS using HAVAL Raghvendra Vikram Singh 1, Deepak Chaudhary 2
More informationInternet-Praktikum I Lab 3: DNS
Kommunikationsnetze Internet-Praktikum I Lab 3: DNS Mark Schmidt, Andreas Stockmayer Sommersemester 2015 kn.inf.uni-tuebingen.de Motivation for the DNS Problem IP addresses hard to remember for humans
More informationHow To Guide Edge Network Appliance How To Guide:
How To Guide Edge Network Appliance How To Guide: ActiveDNS v 4.01 Edge Network Appliance How To Guide: ActiveDNS 2007 XRoads Networks 17165 Von Karman, Suite 112 888-9-XROADS v 4.01 updated 09/11/07 Table
More informationBasic DNS Course. Module 1. DNS Theory. Ron Aitchison ZYTRAX, Inc. Page 1 of 24
Basic DNS Course Module 1 Ron Aitchison ZYTRAX, Inc. Page 1 of 24 The following are the slides used in this Module of the course. Some but not all slides have additional notes that you may find useful.
More informationDomain Name Service (DNS) Training Division, NIC New Delhi
Domain Name Service (DNS) Training Division, NIC New Delhi Domain Name Service (DNS) I. History of DNS II. DNS structure and its components III. Functioning of DNS IV. Replicating DNS V. Dynamic update
More informationManaging DNS Server Properties
CHAPTER 17 Managing DNS Server Properties This chapter explains how to set the DNS server parameters. Before you proceed with the tasks in this chapter, read Chapter 15, Managing Zones, which explains
More informationUse Domain Name System and IP Version 6
Use Domain Name System and IP Version 6 What You Will Learn The introduction of IP Version 6 (IPv6) into an enterprise environment requires some changes both in the provisioned Domain Name System (DNS)
More informationLarge-Scale IP Traceback in High-Speed Internet
2004 IEEE Symposium on Security and Privacy Large-Scale IP Traceback in High-Speed Internet Jun (Jim) Xu Networking & Telecommunications Group College of Computing Georgia Institute of Technology (Joint
More informationFrom Internet Data Centers to Data Centers in the Cloud
From Internet Data Centers to Data Centers in the Cloud This case study is a short extract from a keynote address given to the Doctoral Symposium at Middleware 2009 by Lucy Cherkasova of HP Research Labs
More informationNames vs. Addresses. Flat vs. Hierarchical Space. Domain Name System (DNS) Computer Networks. Lecture 5: Domain Name System
Names vs. Addresses Computer Networks Lecture 5: Domain Name System Names are easier for human to remember www.umich.edu vs. 141.213.4.4 Addresses can be changed without changing names move www.umich.edu
More informationCS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.
CS 355 Computer Networking Wei Lu, Ph.D., P.Eng. Chapter 2: Application Layer Overview: Principles of network applications? Introduction to Wireshark Web and HTTP FTP Electronic Mail: SMTP, POP3, IMAP
More informationThe Impact of DNSSEC. Matthäus Wander. on the Internet Landscape. <matthaeus.wander@uni-due.de> Duisburg, June 19, 2015
The Impact of DNSSEC on the Internet Landscape Matthäus Wander Duisburg, June 19, 2015 Outline Domain Name System Security problems Attacks in practice DNS Security Extensions
More informationDomain Name System (DNS) Security By Diane Davidowicz 1999 Diane Davidowicz
Domain Name System (DNS) Security By Diane Davidowicz 1999 Diane Davidowicz Contents 1. Abstract...3 2. Introduction...3 3. Overview of the DNS...3 3.1. Fundamentals of DNS...4 3.1.1. The Domain Name Space...4
More informationDomain Name System (DNS)
Domain Name System (DNS) Instructor: Anirban Mahanti Office: ICT 745 Email: mahanti@cpsc.ucalgary.ca Class Location: ICT 121 Lectures: MWF 12:00 12:50 Notes derived from Computer Networking: A Top Down
More informationDNS : Domain Name System
1/30 DNS : Domain Name System Surasak Sanguanpong nguan@.ac.th http://www...ac.th/~nguan Last updated: May 24, 1999 Outline 2/30 DNS basic name space name resolution process protocol configurations Why
More informationThe Domain Name System
DNS " This is the means by which we can convert names like news.bbc.co.uk into IP addresses like 212.59.226.30 " Purely for the benefit of human users: we can remember numbers (e.g., telephone numbers),
More informationNaming and the DNS. Focus. How do we name hosts etc.? Application Presentation Topics. Session Domain Name System (DNS) Email/URLs
Naming and the DNS Focus How do we name hosts etc.? Application Presentation Topics Session Domain Name System (DNS) Email/URLs Transport Network Data Link Physical Ldns.1 Names and Addresses 43 name address
More informationInstalling and Setting up Microsoft DNS Server
Training Installing and Setting up Microsoft DNS Server Introduction Versions Used Windows Server 2003 Setup Used i. Server Name = martini ii. Credentials: User = Administrator, Password = password iii.
More informationSTARTER KIT. Infoblox DNS Firewall for FireEye
STARTER KIT Introduction Infoblox DNS Firewall integration with FireEye Malware Protection System delivers a unique and powerful defense against Advanced Persistent Threats (APT) for business networks.
More informationTable of Contents DNS. How to package DNS messages. Wire? DNS on the wire. Some advanced topics. Encoding of domain names.
Table of Contents DNS Some advanced topics Karst Koymans Informatics Institute University of Amsterdam (version 154, 2015/09/14 10:44:10) Friday, September 11, 2015 DNS on the wire Encoding of domain names
More informationDomain Name System. DNS is an example of a large scale client-server application. Copyright 2014 Jim Martin
Domain Name System: DNS Objective: map names to IP addresses (i.e., high level names to low level names) Original namespace was flat, didn t scale.. Hierarchical naming permits decentralization by delegating
More informationSecure Domain Name System (DNS) Deployment Guide
NIST Special Publication 800-81-2 Secure Domain Name System (DNS) Deployment Guide Ramaswamy Chandramouli Scott Rose C O M P U T E R S E C U R I T Y NIST Special Publication 800-81-2 Secure Domain Name
More information