Academic
Publications
Anonymous Resolution of DNS Queries

Anonymous Resolution of DNS Queries,10.1007/978-3-540-88873-4_5,Sergio Castillo-perez,Joaquín García-alfaro

Anonymous Resolution of DNS Queries   (Citations: 2)
BibTex | RIS | RefWorks Download
The use of the DNS as the underlying technology of new resolu- tion name services can lead to privacy violations. The exchange of data between servers and clients flows without protection. Such an inform ation can be captured by service providers and eventually sold with malicious purposes (i.e., spamming, phishing, etc.). A motivating example is the use of DNS on VoIP services for the translation of traditional telephone numbers into Interne t URLs. We analyze in this paper the use of statistical noise for the construction of proper DNS queries. Our objective aims at reducing the risk that sensible data within DNS queries could be inferred by local and remote DNS servers. We evaluate the implementa- tion of a proof-of-concept of our approach. We study the benefits and limitations of our proposal. A first limitation is the possibility of atta cks against the integrity and authenticity of our queries by means of, for instance, man-in-the-middle or replay attacks. However, this limitation can be successful ly solved combining our proposal together with the use of the DNSSEC (DNS Security extensions). We evaluate the impact of including this complementary countermeasure.
Conference: OTM Workshops , pp. 987-1000, 2008
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
    • ...Zhao, et al. [26] and Castillo-Perez, et al. [9] propose a random-set query approach...
    • ...With respect to Adv1(d), both [26] and [9] claim that their approaches can achieve 1 m . However, this is not always true in the face of an active malicious local name server that can force a client in its administrative domain to relaunch a random-set query to the same target...

    Yanbin Luet al. Towards Plugging Privacy Leaks in the Domain Name System

    • ...Zhao, et al. [26] and Castillo-Perez, et al. [9] propose a random-set query approach...
    • ...With respect to Adv1(d), both [26] and [9] claim their respective approaches can achieve 1 m. However, this is not necessarily true in the face of an active malicious local name server that can force a client in its administrative domain to re-launch a random-set query to the same target...

    Yanbin Luet al. Towards Plugging Privacy Leaks in Domain Name System

Sort by: