Shulman et al., 2015 - Google Patents
Towards security of internet naming infrastructureShulman et al., 2015
- Document ID
- 3478174682390233767
- Author
- Shulman H
- Waidner M
- Publication year
- Publication venue
- European Symposium on Research in Computer Security
External Links
Snippet
We study the operational characteristics of the server-side of the Internet's naming infrastructure. Our findings discover common architectures whereby name servers are 'hidden'behind server-side caching DNS resolvers. We explore the extent and the scope of …
- 238000011156 evaluation 0 abstract description 6
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/104—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks
- H04L67/1087—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks involving cross functional networking aspects
- H04L67/1093—Some peer nodes performing special functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/104—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks
- H04L67/1042—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks involving topology management mechanisms
- H04L67/1044—Group management mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/104—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks
- H04L67/1061—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks involving node-based peer discovery mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations contains provisionally no documents
- H04L12/18—Arrangements for providing special services to substations contains provisionally no documents for broadcast or conference, e.g. multicast
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/28—Network-specific arrangements or communication protocols supporting networked applications for the provision of proxy services, e.g. intermediate processing or storage in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/15—Directories; Name-to-address mapping
- H04L61/1505—Directories; Name-to-address mapping involving standard directories or standard directory access protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/12—Arrangements for maintenance or administration or management of packet switching networks network topology discovery or management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/58—Message switching systems, e.g. electronic mail systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/30—Network-specific arrangements or communication protocols supporting networked applications involving profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/08—Configuration management of network or network elements
- H04L41/0893—Assignment of logical groupings to network elements; Policy based network management or configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/02—Communication control; Communication processing contains provisionally no documents
- H04L29/06—Communication control; Communication processing contains provisionally no documents characterised by a protocol
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/12—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents characterised by the data terminal contains provisionally no documents
- H04L29/12009—Arrangements for addressing and naming in data networks
- H04L29/12047—Directories; name-to-address mapping
- H04L29/12056—Directories; name-to-address mapping involving standard directories and standard directory access protocols
- H04L29/12066—Directories; name-to-address mapping involving standard directories and standard directory access protocols using Domain Name System [DNS]
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11032297B2 (en) | DGA behavior detection | |
| Brandt et al. | Domain validation++ for mitm-resilient pki | |
| Shulman et al. | Towards security of internet naming infrastructure | |
| Kührer et al. | Going wild: Large-scale classification of open DNS resolvers | |
| Kim et al. | A survey of domain name system vulnerabilities and attacks | |
| Schmid | Thirty years of DNS insecurity: Current issues and perspectives | |
| Kondracki et al. | Catching transparent phish: Analyzing and detecting mitm phishing toolkits | |
| Bushart et al. | DNS unchained: Amplified application-layer DoS attacks against DNS authoritatives | |
| Lian et al. | Measuring the practical impact of {DNSSEC} deployment | |
| Klein et al. | Internet-wide study of DNS cache injections | |
| Hao et al. | {End-Users} get maneuvered: Empirical analysis of redirection hijacking in content delivery networks | |
| Hlavacek et al. | Behind the scenes of RPKI | |
| Noborio et al. | A feasible motion-planning algorithm for a mobile robot based on a quadtree representation | |
| Yazdani et al. | A matter of degree: characterizing the amplification power of open DNS resolvers | |
| Herzberg et al. | Towards adoption of dnssec: Availability and security challenges | |
| Al‐Hammouri et al. | ReCAP: a distributed CAPTCHA service at the edge of the network to handle server overload | |
| Berger et al. | A wrinkle in time: a case study in DNS poisoning | |
| Shulman et al. | Towards forensic analysis of attacks with DNSSEC | |
| Kondracki et al. | The droid is in the details: Environment-aware evasion of android sandboxes | |
| Klein et al. | Counting in the dark: Dns caches discovery and enumeration in the internet | |
| Jin et al. | Trigger-based blocking mechanism for access to email-derived phishing URLs with user alert | |
| Shulman et al. | DNSSEC for cyber forensics | |
| Hudák | Analysis of DNS in cybersecurity | |
| Brahmasani et al. | Two level verification for detection of DNS rebinding attacks | |
| Hounsel | Measuring the Feasibility of DNS Privacy and Security |