English
Related papers

Related papers: ECSeptional DNS Data: Evaluating Nameserver ECS De…

200 papers

Although the Domain Name System (DNS) was designed as a naming system, its features have made it appealing to repurpose it for the deployment of novel systems. One important class of such systems are security enhancements, and this work…

Cryptography and Security · Computer Science 2017-02-20 Pawel Szalachowski , Adrian Perrig

The absence of security and privacy measures between DNS recursive resolvers and authoritative nameservers has been exploited by both on-path and off-path attackers. Although numerous security proposals have been introduced in practice and…

Cryptography and Security · Computer Science 2025-06-27 Ali Sadeghi Jahromi , AbdelRahman Abdou , Paul C. van Oorschot

Efficient service discovery is a cornerstone of the rapidly expanding Internet of Things (IoT) and edge computing ecosystems, where low latency and localized service provisioning are critical. This paper proposes a novel location-based DNS…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-11-21 Kurt Horvath , Dragi Kimovski

The DNS (Domain Name System) protocol has been in use since the early days of the Internet. Although DNS as a de facto networking protocol had no security considerations in its early years, there have been many security enhancements, such…

Cryptography and Security · Computer Science 2025-02-17 Abdullah Aydeger , Sanzida Hoque , Engin Zeydan , Kapal Dev

Improperly configured domain name system (DNS) servers are sometimes used as packet reflectors as part of a DoS or DDoS attack. Detecting packets created as a result of this activity is logically possible by monitoring the DNS request and…

Networking and Internet Architecture · Computer Science 2021-11-10 Keiichi Shima , Ryo Nakamura , Kazuya Okada , Tomohiro Ishihara , Daisuke Miyamoto , Yuji Sekiya

DNS is one of the core building blocks of the Internet. In this paper, we investigate DNS resolution in a strict IPv6-only scenario and find that a substantial fraction of zones cannot be resolved. We point out, that the presence of an AAAA…

Networking and Internet Architecture · Computer Science 2023-02-23 Florian Streibelt , Patrick Sattler , Franziska Lichtblau , Carlos H. Gañán , Anja Feldmann , Oliver Gasser , Tobias Fiebig

Distributed Denial-of-Service (DDoS) attacks exhaust resources, leaving a server unavailable to legitimate clients. The Domain Name System (DNS) is a frequent target of DDoS attacks. Since DNS is a critical infrastructure service,…

Cryptography and Security · Computer Science 2022-09-16 A S M Rizvi , Jelena Mirkovic , John Heidemann , Wesley Hardaker , Robert Story

Edge computing is seen as an enabler for upcoming applications requiring low latency offloading, such as augmented reality, and as a key building block for Internet of Things. Edge computing extends the centralized cloud computing model by…

Networking and Internet Architecture · Computer Science 2018-05-07 Aleksandr Zavodovski , Nitinder Mohan , Jussi Kangasharju

We present practical poisoning and name-server block- ing attacks on standard DNS resolvers, by off-path, spoofing adversaries. Our attacks exploit large DNS responses that cause IP fragmentation; such long re- sponses are increasingly…

Cryptography and Security · Computer Science 2015-03-20 Amir Herzberg , Haya Shulman

As Internet users have become more savvy about the potential for their Internet communication to be observed, the use of network traffic encryption technologies (e.g., HTTPS/TLS) is on the rise. However, even when encryption is enabled,…

Cryptography and Security · Computer Science 2020-07-09 Nguyen Phong Hoang , Arian Akhavan Niaki , Nikita Borisov , Phillipa Gill , Michalis Polychronakis

The traditional design principle for Internet protocols indicates: "Be strict when sending and tolerant when receiving" [RFC1958], and DNS is no exception to this. The transparency of DNS in handling the DNS records, also standardised…

Cryptography and Security · Computer Science 2022-05-12 Philipp Jeitner , Haya Shulman

The flourish of web-based services gave birth to the research area \textit{services computing}, a rapidly-expanding academic community since nearly 20 years ago. Consensus has been reached on a set of representative research problems in…

Computers and Society · Computer Science 2021-06-18 Zhongjie Wang , Mingyi Liu , Zhiying Tu , Xiaofei Xu

The Domain Name System (DNS) serves as the backbone of the Internet, primarily translating domain names to IP addresses. Over time, various enhancements have been introduced to strengthen the integrity of DNS. Among these, DNSSEC stands out…

Cryptography and Security · Computer Science 2025-12-09 Aduma Rishith , Aditya Kulkarni , Tamal Das , Vivek Balachandran

The domain name system (DNS) is an important protocol in today's Internet operation, and is the standard naming convention between domain names, names that are easy to read, understand, and remember by humans, to IP address of Internet…

Cryptography and Security · Computer Science 2016-06-24 Ah Reum Kang , Jeffrey Spaulding , Aziz Mohaisen

In this paper, we revisit the open DNS (ODNS) infrastructure and, for the first time, systematically measure and analyze transparent forwarders, DNS components that transparently relay between stub resolvers and recursive resolvers. Our key…

Networking and Internet Architecture · Computer Science 2021-11-05 Marcin Nawrocki , Maynard Koch , Thomas C. Schmidt , Matthias Wählisch

Emerging protocols such as DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) improve the privacy of DNS queries and responses. While this trend towards encryption is positive, deployment of these protocols has in some cases resulted in further…

Networking and Internet Architecture · Computer Science 2021-09-23 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

In this paper, we study the performance of encrypted DNS protocols and conventional DNS from thousands of home networks in the United States, over one month in 2020. We perform these measurements from the homes of 2,693 participating…

Networking and Internet Architecture · Computer Science 2021-07-29 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

In this paper, we shed new light on the DNS amplification ecosystem, by studying complementary data sources, bolstered by orthogonal methodologies. First, we introduce a passive attack detection method for the Internet core, i.e., at…

Cryptography and Security · Computer Science 2021-10-07 Marcin Nawrocki , Mattijs Jonker , Thomas C. Schmidt , Matthias Wählisch

Nowadays, a large amount of user privacy-sensitive data is outsourced to the cloud server in ciphertext, which is provided by the data owners and can be accessed by authorized data users. When accessing data, the user should be assigned…

Cryptography and Security · Computer Science 2018-11-19 Xueyan Liu , Zhitao Guan , Xiaojiang Du , Liehuang Zhu , Zhengtao Yu , Yinglong Ma

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that encrypted DNS is still sensitive to traffic analysis. As a consequence, RFC…

Cryptography and Security · Computer Science 2019-07-03 Jonas Bushart , Christian Rossow