Detecting DNS root manipulation

Ben Jones, Nick Feamster, Vern Paxson, Nicholas Weaver, Mark Allman

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Scopus citations

Abstract

We present techniques for detecting unauthorized DNS root servers in the Internet using primarily endpoint-based measurements from RIPE Atlas, supplemented with BGP routing announcements from RouteViews and RIPE RIS. The first approach analyzes the latency to the root server and the second approach looks for route hijacks. We demonstrate the importance and validity of these techniques by measuring the only root server (“B”) not widely distributed using anycast. Our measurements establish the presence of several DNS proxies and a DNS root mirror.

Original languageEnglish (US)
Title of host publicationPassive and Active Measurement - 17th International Conference, PAM 2016, Proceedings
EditorsThomas Karagiannis, Xenofontas Dimitropoulos
PublisherSpringer Verlag
Pages276-288
Number of pages13
ISBN (Print)9783319305042
DOIs
StatePublished - 2016
Event17th International Conference on Passive and Active Measurement, PAM 2016 - Heraklion, Greece
Duration: Mar 31 2016Apr 1 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9631
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other17th International Conference on Passive and Active Measurement, PAM 2016
Country/TerritoryGreece
CityHeraklion
Period3/31/164/1/16

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Detecting DNS root manipulation'. Together they form a unique fingerprint.

Cite this