Dr
Arnoldo Muller-Molina
(simMachines)
5/10/14, 11:45 AM
Members-only
The day in the life (DITL) data-set is collected to study and improve the integrity of the root server system. Among the different properties recorded in the data-set, we focus on second level domain (SLD) strings. In this study, we introduce a method that automatically infers regular expressions from over-represented SLD strings. At first, we identify random strings and remove them from the...
Mr
Stéphane Bortzmeyer
(AFNIC)
5/10/14, 2:30 PM
Public Workshop
At the IETF 88 meeting in Vancouver, the first one which took into account the Snowden revelations, there was a lot of enthusiasm on action to improve the privacy on the Internet http://www.ietf.org/blog/2013/11/strengthening-the-internet/. This was summarized in a press release http://www.ietf.org/media/2013-11-07-internet-privacy-and-security.html claiming that "all of the working groups...
Mr
John Heidemann
(USC/Information Sciences Institute)
5/10/14, 3:00 PM
Public Workshop
This talk will discuss _connection-oriented DNS_ to improve DNS security and privacy. DNS is the canonical example of a connectionless, single packet, request/response protocol, with UDP as its dominant transport. Yet DNS today is challenged by eavesdropping that compromises privacy, source-address spoofing that results in denial-of-service (DoS) attacks on the server and third parties,...
Bruce van Nice
(Nominum)
5/10/14, 3:30 PM
Public Workshop
The presentation will cover findings from a Terabyte of anonymized DNS data collected every day from around the world. We’ll present data and analysis techniques and discuss how we’re automating the cycle of identifying and validating behaviors such as the ones described below to zero in quickly on zero days and minimize their damage.
- Appearances of new “purpose built” domains registered...
Mr
Nat Morris
(Esgob Ltd)
5/10/14, 4:20 PM
Public Workshop
Over 6 months I built out a distributed DNS service around the world consisting of 11 nodes, whilst at the same time trying to keep it under the radar of the wife - costing less than $1000/yr.
I'll talk about how I built it, what tools I used (RethinkDB, Beanstalkd, CollectD, Python etc), the problems I faced, details I learnt about how other "budget" anycast services are built and the fun...
David Cates
(Microsoft)
5/10/14, 4:50 PM
Public Workshop
DNS Server in Windows has been enhanced significantly through recent releases of Windows Server. One of the main areas of capability augmentation of Windows DNS has been in the area of DNSSEC. This session will mainly focus on acclimatizing the user with DNSSEC capabilities in Windows DNS Server. It will demonstrate how to set up DNSSEC in Windows DNS server, online zone signing support and...
Dr
Casey Deccio
(Verisign Labs)
5/10/14, 5:20 PM
Public Workshop
Analyzing a DNS deployment is a complex challenge. There are several roles of DNS service, of which a single server may play multiple. Additionally, there are various vantage points from which an address might be queried, and each might result in a different response, or none at all. Finally, there are multiple query options and diverse ways of handling the responses that result. There are...
Mr
Willem Toorop
(NLnet Labs)
5/11/14, 9:00 AM
Public Workshop
Verisign and NLnet Labs have recently announced the first beta release (0.1.0) of an open source implementation of the getdns API specification. The project's home page is at http://getdnsapi.net.
getdns is a modern asynchronous DNS API. It implements DNS entry points from a design developed and vetted by application developers, in the specification at http://www.vpnc.org/getdns-api/...
Robert Edmonds
(Farsight Security, Inc.)
5/11/14, 9:30 AM
Public Workshop
dnstap is a flexible, structured binary log format for DNS software. This presentation will introduce the core concepts and data model and summarize recent progress in implementing dnstap support in existing DNS software.
dnstap's motivating use case is to enable an advanced form of forgery resistant passive DNS replication that can perform bailiwick verification of data received from DNS...
Mr
Sebastian Castro
(.nz Registry Services)
5/11/14, 10:00 AM
Public Workshop
In this presentation we explore the journey NZRS took to deploy and use a Big Data cluster using Hadoop.
From assembling servers, to racking, deploying software, developing UDFs and running jobs on the cluster, we go over the many alternatives of Hadoop for data analysis, and how it can be used for DNS analysis in particular.
Mr
Joseph Abley
(Dyn, Inc.)
5/11/14, 10:30 AM
Increasing numbers of Internet-connected fridges and grandparents, together with cloud-based service delivery hysteria, are pushing availability requirements for web-accessible services through the roof. Subscribers are less interested in the reasons for failure, and are largely disinclined to try and call anybody for help (who would they call?) Service unavailability leads to lost...
Mr
Qi Zhao
(CNNIC)
5/11/14, 11:30 AM
Public Workshop
I will introduce DNSSEC deployment in .CN in my talk; it mainly includes the preparations, deployment, monitoring and observations. In the end, I will analyze a small DDoS attack that occurred in .CN recently, and point out the challenges which .CN will face in the future.
Matthijs Mekking
(NLnet Labs)
5/11/14, 12:00 PM
Public Workshop
A DNSSEC audit is the process of structural examination of a DNSSEC infrastructure. DNSSEC adoption is increasing and becomes more and more a system we rely on. As the protocol becomes more critical, the level of assurance of the system and its evaluation also becomes more important.
NLnet Labs in collaboration with SWITCH created a framework that assists auditors in performing a DNSSEC...
Mr
Sebastian Castro
(.nz Registry Services)
5/11/14, 1:15 PM
Public Workshop
Mr
Christopher Baker
(Dyn)
5/11/14, 2:10 PM
Public Workshop
Alongside all of the new TLDs which have come into being, there is a dark horse: .bit. .bit isn't one of ICANN's most recently blessed TLDs, such as .guru, .democrat or .sexy; it is the top level domain which is served by the Namecoin infrastructure. The Namecoin platform seeks to provide an alternative (read as non-ICANN regulated TLD) decentralized domain name system built on a modified...
Matthew Thomas
(Verisign)
5/11/14, 2:40 PM
Public Workshop
In this paper we focus on detecting and clustering distinct groupings of domain names that are queried by numerous sets of infected machines. We propose to analyze domain name system (DNS) traffic, such as Non-Existent Domain (NXDomain) queries, at several premier Top Level Domain (TLD) authoritative name servers to identify strongly connected cliques of malware related domains. We...
Mr
Joao Damas
(Dyn Inc), Mr
Knight Dave
(Dyn Inc)
5/11/14, 3:10 PM
Public Workshop
Operational flexibility and deployment are increasingly managed through VMs or similar environments. In the past it has been reported that certain VM environments have a very negative impact in DNS server performance.
Here, we present the results of QPS performance of several current authoritative DNS servers running in traditional and contained or virtualised environments to evaluate their...
Mr
Matt Pounsett
5/11/14, 4:10 PM
Lightning talks
Mr
Mehmet Akcin
(Microsoft)
5/11/14, 4:15 PM
Lightning talks
Mr
Jim Martin, Mr
Lars-Johan Liman
5/11/14, 4:25 PM
Lightning talks
Mr
Kazunori Fujiwara
(Japan Registry Services Co., Ltd)
5/11/14, 4:30 PM
Public Workshop
The past analysis reported numbers of queries sent from each address to root DNS servers. There are 30,000 IP addresses which send over 100,000 queries in 48 hours. 100,000 queries per 48 hours seem to be too much. However, a full-resolver managed appropriately sent 110,000 queries in 48 hours at 2012 DITL timing. It served 180 queries per second from thousands of clients. The author...
Duane Wessels
(Verisign)
5/11/14, 5:00 PM
Public Workshop
While open resolvers provide various benefits by answering DNS requests from external sources for anything, today they pose a significant threat to the stability and security of the Internet. For example, open resolvers have been recently utilized for launching amplification attacks, calling for initiating a systematic study on their population, use, and distribution, and raising the awareness...