Related papers: K-resolver: Towards Decentralizing Encrypted DNS R…
The Domain Name System (DNS) comprises name servers translating domain names into, commonly, IP addresses. Authoritative name servers hosts the resource records (RR) for certain zones, and resolver name servers are responsible for querying…
The current Domain Name System (DNS), as a core infrastructure of the internet, exhibits several shortcomings: its centralized architecture leads to censorship risks and single points of failure, making domain name resolution vulnerable to…
Virtually every Internet communication typically involves a Domain Name System (DNS) lookup for the destination server that the client wants to communicate with. Operators of DNS recursive resolvers---the machines that receive a client's…
DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that encrypted DNS is still sensitive to traffic analysis. As a consequence, RFC…
We introduce NinjaDoH, a novel DNS over HTTPS (DoH) protocol that leverages the InterPlanetary Name System (IPNS), along with public cloud infrastructure, to create a censorship-resistant moving target DoH service. NinjaDoH is specifically…
The Domain Name System (DNS) service is one of the pillars of the Internet. This service allows users to access websites on the Internet through easy-to-remember domain names rather than complex numeric IP addresses. DNS acts as a directory…
Many applications and protocols depend on the ability to generate a pool of servers to conduct majority-based consensus mechanisms and often this is done by doing plain DNS queries. A recent off-path attack [1] against NTP and security…
This paper investigates two key performance aspects of the interplay between public DNS resolution services and content delivery networks -- the latency of DNS queries for resolving CDN-accelerated hostnames and the latency between the…
The DNS (Domain Name System) protocol has been in use since the early days of the Internet. Although DNS as a de facto networking protocol had no security considerations in its early years, there have been many security enhancements, such…
The Domain Name System (DNS) is one of the most crucial parts of the Internet. Although the original standard defined the usage of DNS over UDP (DoUDP) as well as DNS over TCP (DoTCP), UDP has become the predominant protocol used in the…
Web query log data contain information useful to research; however, release of such data can re-identify the search engine users issuing the queries. These privacy concerns go far beyond removing explicitly identifying information such as…
As one of the most well-studied cohesive subgraph models, the $k$-core is widely used to find graph nodes that are ``central'' or ``important'' in many applications, such as biological networks, social networks, ecological networks, and…
Over the past decade, we have witnessed the Internet becoming increasingly centralized in the hands of a small number of giant technology firms, that control many of the most popular applications and the content they host on their…
With the increasing popularity of smart homes, more and more devices need to connect to home networks. Traditional home networks mainly rely on centralized networking, where an excessive number of devices in the centralized topology can…
Many decentralized online social networks (DOSNs) have been proposed due to an increase in awareness related to privacy and scalability issues in centralized social networks. Such decentralized networks transfer processing and storage…
As Internet users have become more savvy about the potential for their Internet communication to be observed, the use of network traffic encryption technologies (e.g., HTTPS/TLS) is on the rise. However, even when encryption is enabled,…
Clustering and analyzing on collected data can improve user experiences and quality of services in big data, IoT applications. However, directly releasing original data brings potential privacy concerns, which raises challenges and…
Clustering is a fundamental data processing task used for grouping records based on one or more features. In the vertically partitioned setting, data is distributed among entities, with each holding only a subset of those features. A key…
The absence of security and privacy measures between DNS recursive resolvers and authoritative nameservers has been exploited by both on-path and off-path attackers. Although numerous security proposals have been introduced in practice and…
Several encryption proposals for DNS have been presented since 2016, but their adoption was not comprehensively studied yet. This research measured the current adoption of DoH (DNS over HTTPS), DoT (DNS over TLS), and DoQ (DNS over QUIC)…