Dissertação de Mestrado de Luciano Zembruzki

Contato

Detalhes do Evento

Date: 28/02/2020 09:30 – 11:30
Categorias: Dissertação de Mestrado, Defesas

Aluno: Luciano Zembruzki
Orientador: Prof. Dr. Lisandro Zambenedetti Granville

Título: dnstracker: Measuring Centralization of DNS Infrastructure in the Wild
Linha de Pesquisa: Arquiteturas, Protocolos e Gerência de Redes e Serviço

Data: 28/02/2020
Horário: 09h30min.
Local: Sala 218 do Prédio 43412 do Instituto de Informática da UFRGS.

Banca Examinadora:
– Prof. Dr. Luciano Paschoal Gaspary (UFRGS)
– Prof. Dr. Jeferson Campos Nobre (UFRGS)
– Prof. Dr. Guilherme da Cunha Rodrigues (IFSUL)

Presidente da Banca: Prof. Dr. Lisandro Zambenedetti Granville

Abstract: The Internet Domain Naming System (DNS) is one of the pillars of the Internet and has been the object of a number of Distributed Denial-of-Service (DDoS) attacks over the years. As a countermeasure, the DNS infrastructure has been programmed to include a series of replication measures, such as relying on multiple authoritative DNS servers and the use of IP anycast. Even though these countermeasures have been in place, it has been found that, when servers rely on third-party DNS providers for reliable services, there may be a certain degree of infrastructure centralization. In this case, an attack against a DNS target might affect other authoritative DNS servers that share a part of the infrastructure with the intended victim. However, measuring these kinds of infrastructure sharing is a daunting task, given that generally, researchers do not have access to internal DNS provider. In this work, an attempt is made to set out a solution that is supported by a \texttt{dnstracker} tool that uses active DNS measurements to determine, the varying levels of shared infrastructure. As a case study, we analyze the authoritative name servers of all the domains of the most visited websites in the Alexa Top 1 Million List. Our results show that, in some cases, up to 12,000 authoritative name servers share the same underlying infrastructure of a third-party DNS provider. This means that, in the event of an attack, these authoritative DNS servers have increased their risk of suffering from collateral damage.

Keywords: DNS. Measurement. Centralization. Colateral Damage.