14-15 May 2017
Europe/Madrid timezone
Home > Contribution List

Contribution List

Displaying 33 contributions out of 33
Session: Lightning Talks
Track: Lightning Presentations
Presented by Mr. Peter VAN DIJK on 15 May 2017 at 17:05
Type: Standard Presentation Session: Public Workshop: Testing
Track: Public Workshop
While metrics comparing the query performance of various DNS software are readily available, similar metrics comparing provisioning performance are not as easily found. Over the last year CIRA’s secondary managed DNS platform, D-Zone, experienced large growth with the potential for even more expansion in the next year. Accordingly, we are required to reexamine our current DNS implementation to ... More
Presented by Evan THOMPSON on 14 May 2017 at 17:30
Session: Lightning Talks
Track: Lightning Presentations
Presented by Paul HOFFMAN on 15 May 2017 at 16:35
Type: Standard Presentation Session: Public Workshop: Data Analysis
Track: Public Workshop
Many DNS operators, particularly those of high volume authoritative servers (such as TLD operators) perform operational monitoring of incoming (and outgoing) DNS query load. Often, this entails capturing (and subsequently storing and analyzing) the query/response stream. With DNS query rates (and hence traffic) increasing year by year, operators face the challenge that capture, transport and s ... More
Presented by Mr. Alexander MAYRHOFER on 15 May 2017 at 12:15
Type: Standard Presentation Session: Public Workshop: Testing
Track: Public Workshop
The DNS Violations effort has been kicked off few days ago. In this presentation, I am going to cover the most common types of DNS protocol violations with real world examples, recommendations, workarounds. I would also like to initiate a discussion about possible way how to move forward and whether we need and want to take a stand.
Presented by Mr. Ondrej SURY on 14 May 2017 at 16:30
Type: Standard Presentation Session: Public Workshop: Measurement
Track: Public Workshop
The vast majority of DNS traffic happens over UDP. We can pretty much predict how the resolvers will spread the load, deal with timeouts and server failures. But what will happen if we force the clients to use TCP? Is TCP a first-class citizen in modern resolvers or is it only a fallback mechanism. And can the resolvers use established TCP connections effectively? In this talk, I will try to an ... More
Presented by Jan VČELÁK on 14 May 2017 at 14:30
Session: Lightning Talks
Track: Lightning Presentations
Presented by Dr. Sara DICKINSON on 15 May 2017 at 16:45
Type: Standard Presentation Session: Public Workshop
Track: Public Workshop
I would like to study and present the effect of parent (TLD) zone TTL changes based on behavior of different DNS resolvers implementations and how they handle the delegation NS TTLs. The presentation will include different scenarios where TTL matter, might matter, might not matter, or doesn't matter at all related to the DNS resolver implementations.
Presented by Mr. Ondrej SURY on 14 May 2017 at 12:00
Session: Lightning Talks
Track: Lightning Presentations
Presented by Ralph DOLMANS on 15 May 2017 at 16:55
Type: Standard Presentation Session: Public Workshop: DNSSEC
Track: Public Workshop
EDNS Key Tag promises to provide much-needed information about the DNSSEC configuration of recursive resolvers. Sadly, this technology is not yet standardized or implemented. Luckily, we can fake it in a useful way. This presentation very briefly covers the EDNS Key Tag as well as a hack built to provide EDNS Key Tag functionality for systems that do not support it. Also, we learn that awk is a ... More
Presented by Shane KERR on 15 May 2017 at 10:30
Type: Standard Presentation Session: Public Workshop: Data Analysis
Track: Public Workshop
Cloudflare operates multiple DNS services in over 100 data centers around the globe, which makes troubleshooting with unstructured logs or packet captures impractical due to its storage and computational costs. In the first part of this talk we’ll go over our current data analytics architecture and how we got there, after a few false starts. This will cover logging infrastructure, that securely ... More
Presented by Mr. Ólafur GUÐMUNDSSON on 15 May 2017 at 11:15
Type: Standard Presentation Session: Public Workshop: Measurement
Track: Public Workshop
Using techniques inspired by the HyperLogLog counting algorithm, it has proven possible to rapidly measure the number of DNSSEC-signed delegations worldwide for both NSEC and NSEC3 zones, using around 4096 queries per zone. In this presentation, I will briefly describe HyperLogLog & then how this maps to NSEC names and NSEC3 hashes. I will also discuss how reliable results from measuring DNSSE ... More
Presented by Mr. Bert HUBERT on 14 May 2017 at 15:30
Type: Standard Presentation Session: Public Workshop: Testing
Track: Public Workshop
I will describe (and hopefully demonstrate) ISC's Performance Lab System, which we intend to release as Open Source by the time of the workshop. This system performs continuous builds and tests of multiple configurations of BIND9 and other DNS software for the purpose of tracking long term trends, identifying performance regressions, and for testing the effects on performance of experimental fe ... More
Presented by Mr. Ray BELLIS on 14 May 2017 at 17:00
Session: OARC Business
Track: OARC Business
Presented by Paul EBERSMAN on 14 May 2017 at 09:30
Type: Standard Presentation Session: Public Workshop: DNSSEC
Track: Public Workshop
NSEC5 is a proposed enhancement to DNSSEC that provably prevents zone enumeration. It does this by replacing the hashes used in NSEC3 with hashes computed by a verifiable random function (VRF), and requiring authoritative servers to perform a small amount of online cryptography for negative responses. This talk will give an overview of the latest NSEC5 protocol specification, and describe the resu ... More
Presented by Shumon HUQUE, Jan VČELÁK, David LAWRENCE on 15 May 2017 at 09:45
Session: OARC Business
Track: OARC Business
Presented by Mr. Jerry LUNDSTRÖM, Mr. Keith MITCHELL on 14 May 2017 at 10:15
Session: OARC Business
Track: OARC Business
Presented by Mr. Keith MITCHELL on 14 May 2017 at 09:35
Type: Standard Presentation Session: Public Workshop: Measurement
Track: Public Workshop
In this presentation we show our ongoing work to develop a testbed --based on software and commodity hardware-- to research on flooding attacks against DNS infrastructure. We have currently developed two prototype components: a flooding DNS query generator, able to saturate 10GbE links with 11Mrps, and an online detector of overabundant queried domains at reception. Relying on DPDK and libmoon (a ... More
Presented by Santiago RUANO RINCÓN on 14 May 2017 at 15:00
Presented by Matthew POUNSETT on 15 May 2017 at 13:30
Session: OARC Business
Track: OARC Business
Presented by Mr. Keith MITCHELL on 14 May 2017 at 10:55
Type: Standard Presentation Session: Public Workshop: DNSSEC
Track: Public Workshop
ICANN would like to provide another update on the progress of the root zone KSK rollover. Since the rollover is scheduled for October 11, 2017, this DNS-OARC workshop could be the last one before the rollover takes place in the fall, so we would appreciate one more chance to reach the important segment of the DNS operational community that attends DNS-OARC workshops. Recent developments to share ... More
Presented by Matt LARSON on 15 May 2017 at 09:00
Type: Standard Presentation Session: Public Workshop
Track: Public Workshop
Cloudflare hosts managed DNS infrastructure for over 5 million zones. In 2016 we began work on re-building a core part of our DNS Nameserver (rrDNS) and data provisioning software to better handle the scale as well as to improve reliability and performance, and pave the way for new features. DNS operations and systems are not immune from scaling bumps; things that work great for 100K domains may ... More
Presented by Mr. Pavel ODINTSOV on 14 May 2017 at 11:30
Type: Standard Presentation Session: Public Workshop: Measurement
Track: Public Workshop
There are 12 different root server anycast constellations, and they all serve the same root zone data. But do they all serve this data the same way? In particular, when the response size is large do all these root server systems respond in the same manner? This is a report on the different forms of responses that were observed when the root servers were coerced into offering a larger than nor ... More
Presented by Mr. Geoff HUSTON on 14 May 2017 at 14:00
Type: Standard Presentation Session: Public Workshop: Security and Privacy
Track: Public Workshop
Please see paper at[1] ,and blogpost at [2] But in short, this is a concise survey paper on the forms of DNS abuse and their relation with TLD operators. We show how we can use the datasets we have in hand to detect these sorts of abuse, and how each of them have different business models that leave distinct traces on our datasets. IMHO, I think other TLD operators may benefit from that. Ple ... More
Presented by Dr. Giovane MOURA on 15 May 2017 at 14:45
Type: Standard Presentation Session: Public Workshop: Testing
Track: Public Workshop
All DNS resolver vendors face the same question: Is the new version going to upset users? This is a very hard question to answer because DNS resolvers have many use-cases and have to deal with variations in DNS protocol implementation. Opinions on best practices in software testing vary... but from the functional perspective the most important criteria is if users are able to resolve names al ... More
Presented by Mr. Petr ŠPAČEK on 14 May 2017 at 18:00
Type: Standard Presentation Session: Public Workshop: Security and Privacy
Track: Public Workshop
1. **Data exfiltration using the DNS** A. Multigrain malware, and other examples of the use of DNS for data exfiltration 1. Detecting subdomain-type data exfiltration through statistical analysis of subdomain lengths B. Use of DNS 0x20 / XQID / IDN as a covert channel 1. Cisco Talos stats on malware’s use of mixed-case, XQID, and other queries C. Pass ... More
Presented by Mr. Jaeson SCHULTZ on 15 May 2017 at 15:00
Type: Standard Presentation Session: Public Workshop: Security and Privacy
Track: Public Workshop
Many transactions that need to be trustworthy, and possibly encrypted, start with a DNS query. If we consider security from the ground-up, we need to include end users DNS transactions with resolvers in the security realm. The minimal step is DNSSEC where the received data can be verified and validated to be correct and authentic. But if we want to take security and privacy a step further, also th ... More
Presented by Mr. Willem TOOROP on 15 May 2017 at 15:45
Type: Standard Presentation Session: Public Workshop: DNSSEC
Track: Public Workshop
There is a lot of talk about the need for post-quantum cryptography (PQC) due to the possibility that quantum computers will be able to break the current cryptography in coming decades. If it becomes possible to build massive quantum computers, all cryptographic protocols will probably move to using PQC algorithms. It is expected that PQC algorithms for signatures use keys and/or signatures tha ... More
Presented by Paul HOFFMAN on 15 May 2017 at 10:15
Type: Standard Presentation Session: Public Workshop: DNSSEC
Track: Public Workshop
The forthcoming roll of the Root Zone KSK has prompted some studies of the behaviour of resolvers that ask questions of the root. Some of these studies use direct experimentation, where a large number of end users are given a DNS name to resolve in order to understand the behaviour of the DNS recursive resolvers that they use. The DNS responses they are given are intended to mimic the behavio ... More
Presented by Mr. Geoff HUSTON on 15 May 2017 at 09:15
Type: Standard Presentation Session: Public Workshop: Security and Privacy
Track: Public Workshop
Domain names are a critical resource for legitimate users, but also for criminals. This has led to a variety of attacks on the underlying technology, the Domain Name System (DNS) infrastructure. Registrars have been hacked, attackers have set up malicious domain name resolution services and DNS caches have been poisoned. What most attacks share in common is that they compromise the resolution path ... More
Presented by Dr. Maciej KORCZYNSKI on 15 May 2017 at 14:15
Session: Lightning Talks
Track: Lightning Presentations
Presented by Pieter LEXIS on 15 May 2017 at 17:15
Type: Standard Presentation Session: Public Workshop: Security and Privacy
Track: Public Workshop
The DPRIVE Working Group has recently produced several standards relating to DNS-over-TLS as a method for encrypting Stub to recursive communications. Whilst there are several implementations available, deployment is still in the early stages. Several experiment DNS-over-TLS servers have been running since 2016 and the dnsprivacy.net project is aiming to - Increase DNS-over-TLS deployment d ... More
Presented by Dr. Sara DICKINSON on 15 May 2017 at 15:30
Type: Standard Presentation Session: Public Workshop: Data Analysis
Track: Public Workshop
This talk will provide updates on dnstap, including the latest code developments and operational use cases. It will detail the results of tests that compare performance characteristics of a dnstap enabled pDNS sensor versus those of a BPF pDNS sensor.
Presented by Merike KAEO on 15 May 2017 at 11:45