Domain Name System (DNS) is the entry of everything on the Internet. As a basic infrastructure, DNS provides the translation of human-readable domain names to numerical addresses. Since its proposal over 30 years ago, the DNS ecosystem has evolved rapidly with several new features, and is as well facing new challenges.
We are the DNS research team at Network and Information Security Lab of Tsinghua University (NISL). We aim to better understand the current infrustructure of DNS, often with the support of large-scale data analysis.
Our team members: Prof. Haixin Duan, Baojun Liu, Chaoyi Lu, Yiming Zhang, Mingming Zhang, Chunying Leng and Jia Zhang.
Our collaborators: Zhou Li (UCI), Shuang Hao (UT Dallas), Zaifeng Zhang (360 Netlab).
Lately, protocols to encrypt plaintext DNS have been proposed to tackle with its privacy concerns. Based on large-scale data, we provide an early view on the current status of DNS-over-Encryption. Specifically, we measure their deployment on open resolvers, performance compared to traditional DNS, and current usage by DNS clients.
We report and measure DNSIntercept, where DNS requests to public resolvers are surruptitiously redirected and handled by alternative resolvers. Using two client-side measurement platforms, we find 259 ASes exhibit this hidden behavior. It also can raise security concerns as some alternative resolvers are weak at security practices.
To build a multilingual Internet, Internationalized Domain Names (IDN) allow Unicode characters in the domain labels. On the other hand, IDNs face the same problem of abuse, like homograph attacks. We perform empirical analysis on the current registration status of IDN, and detect two types of IDN abuse.
Copyright (c) 2019 NISL @ Tsinghua University. All rights reserved.