Institutional privacy risks in sharing DNS data

Basileal Imana, Aleksandra Korolova, John Heidemann

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

The Domain Name System (DNS) is used in every website visit and e-mail transmission, so privacy is an obvious concern. In DNS, users ask recursive resolvers (or "recursives") to make queries on their behalf. Prior analysis of DNS privacy focused on privacy risks to individual end-users, mainly in traffic between users and recursives. Recursives cache and aggregate traffic for many users, factors that are commonly assumed to protect end-user privacy above the recursive. We document institutional privacy as a new risk posed by DNS data collected at authoritative servers, even after caching and aggregation by DNS recursives. We are the first to demonstrate this risk by looking at leaks of e-mail exchanges which show communications patterns, and leaks from accessing sensitive websites, both of which can harm an institution's public image. We define a methodology to identify queries from institutions and identify leaks. We show the current practices of prefix-preserving anonymization of IP addresses and aggregation above the recursive are not sufficient to protect institutional privacy, suggesting the need for novel approaches. We demonstrate this claim by applying our methodology to real-world traffic from DNS servers that use partial prefix-preserving anonymization. Our work prompts additional privacy considerations for institutions that run their own resolvers and authoritative server operators that log and share DNS data.

Original languageEnglish (US)
Title of host publicationANRW 2021 - Proceedings of the 2021 Applied Networking Research Workshop
PublisherAssociation for Computing Machinery, Inc
Pages69-75
Number of pages7
ISBN (Electronic)9781450386180
DOIs
StatePublished - Jul 24 2021
Externally publishedYes
Event2021 IRTF Applied Networking Research Workshop, ANRW 2021 - Virtual, Online, United States
Duration: Jul 24 2021Jul 30 2021

Publication series

NameANRW 2021 - Proceedings of the 2021 Applied Networking Research Workshop

Conference

Conference2021 IRTF Applied Networking Research Workshop, ANRW 2021
Country/TerritoryUnited States
CityVirtual, Online
Period7/24/217/30/21

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Fingerprint

Dive into the research topics of 'Institutional privacy risks in sharing DNS data'. Together they form a unique fingerprint.

Cite this