Enumerating Privacy Leaks in DNS Data Collected Above the Recursive. Imana, B., Korolova, A., & Heidemann, J. In Proceedings of the ISOC NDSS Workshop on DNS Privacy , San Diego, California, USA, February, 2018. The Internet Society.
Enumerating Privacy Leaks in DNS Data Collected Above the Recursive [link]Paper  abstract   bibtex   
As with any information system consisting of data derived from people’s actions, DNS data is vulnerable to privacy risks. In DNS, users make queries through recursive resolvers to authoritative servers. Data collected below (or in) the recursive resolver directly exposes users, so most prior DNS data sharing focuses on queries above the recursive resolver. Data collected above a recursive resolver has largely been seen as posing a minimal privacy risk since recursive resolvers typically aggregate traffic for many users, thereby hiding their identity and mixing their traffic. Although this assumption is widely made, to our knowledge it has not been verified. In this paper we re-examine this assumption for DNS traffic above the recursive resolver. First, we show that two kinds of information appear in query names above the recursive resolver: IP addresses and sensitive domain names, such as those pertaining to health, politics, or personal or lifestyle information. Second, we examine how often these classes of potentially sensitive names appear in Root DNS traffic, using 48 hours of B-Root data from April 2017.
@InProceedings{Imana18a,
        author =        "Basileal Imana and Aleksandra Korolova and John Heidemann",
        title =         "Enumerating Privacy Leaks in {DNS} Data
                  Collected Above the Recursive",
        booktitle =     "Proceedings of the " # " {ISOC} {NDSS} Workshop on {DNS} Privacy ",
        year =          2018,
	myorganization =	"USC/Information Sciences Institute",
	sortdate = 	"2018-02-18", 
	project = "ant, earr, retrofuturebridge, lacrend, researchroot, nipet",
        month =      feb,
        address =    "San Diego, California, USA",
        publisher =  "The Internet Society",
	jlocation = 	"johnh: pafile",
	keywords = 	"dns, privacy, data leak, PII",
	url =		"https://ant.isi.edu/%7ejohnh/PAPERS/Imana18a.html",
	pdfurl =	"https://ant.isi.edu/%7ejohnh/PAPERS/Imana18a.pdf",
	talkurl =	"https://ant.isi.edu/%7ejohnh/PAPERS/Imana18a_talk.pdf",
	dataseturl =	"https://ant.isi.edu/datasets/readmes/DITL_B_Root-20170411.README.txt",
	blogurl = "https://ant.isi.edu/blog/?p=1158",
	icon = "Imana18a_icon.png",
	abstract = "As with any information system consisting of data derived from
people’s actions, DNS data is vulnerable to privacy risks. In DNS,
users make queries through recursive resolvers to authoritative
servers. Data collected below (or in) the recursive resolver directly
exposes users, so most prior DNS data sharing focuses on queries above
the recursive resolver. Data collected above a recursive resolver has
largely been seen as posing a minimal privacy risk since recursive
resolvers typically aggregate traffic for many users, thereby hiding
their identity and mixing their traffic. Although this assumption is
widely made, to our knowledge it has not been verified. In this paper
we re-examine this assumption for DNS traffic above the recursive
resolver. First, we show that two kinds of information appear in query
names above the recursive resolver: IP addresses and sensitive domain
names, such as those pertaining to health, politics, or personal or
lifestyle information. Second, we examine how often these classes of
potentially sensitive names appear in Root DNS traffic, using 48 hours
of B-Root data from April 2017.",
}
Downloads: 0
About
Documentation
Keywords
Search
Users
Terms and Conditions of Use
Privacy Policy
Sitemap
© BibBase.org 2021