Skip to main content
Conference ProceedingsOPEN ACCESS

Towards security of internet naming infrastructure

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2015) 9326 3-22
DOI: 10.1007/978-3-319-24174-6_1
22Citations
Citations of this article
21Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We study the operational characteristics of the server-side of the Internet’s naming infrastructure. Our findings discover common architectures whereby name servers are ‘hidden’ behind server-side caching DNS resolvers. We explore the extent and the scope of the name servers that use server-side caching resolvers, and find such configurations in at least 38% of the domains in a forward DNS tree, and higher percents of the domains in a reverse DNS tree.We characterise the operators of the server-side caching resolvers and provide motivations, explaining their prevalence. Our experimental evaluation indicates that the caching infrastructures are typically run by third parties, and that the services, provided by the third parties, often do not deploy best practices, resulting in misconfigurations, vulnerabilities and degraded performance of the DNS servers in popular domains.

Cite

CITATION STYLE

APA

Shulman, H., & Waidner, M. (2015). Towards security of internet naming infrastructure. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9326, pp. 3–22). Springer Verlag. https://doi.org/10.1007/978-3-319-24174-6_1

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free