Data networks (2nd ed.)
Maintaining Strong Cache Consistency in the World Wide Web
IEEE Transactions on Computers
DNS performance and the effectiveness of caching
IEEE/ACM Transactions on Networking (TON)
Serving DNS Using a Peer-to-Peer Lookup Service
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Proactive Caching of DNS Records: Addressing a Performance Bottleneck
SAINT '01 Proceedings of the 2001 Symposium on Applications and the Internet (SAINT 2001)
Overlook: Scalable Name Service on an Overlay Network
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
The design and implementation of a next generation name service for the internet
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
CoDNS: improving DNS performance and reliability via cooperative lookups
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
ConfiDNS: leveraging scale and history to improve DNS security
WORLDS'06 Proceedings of the 3rd conference on USENIX Workshop on Real, Large Distributed Systems - Volume 3
Using the domain name system for system break-ins
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Formal Analysis of the Kaminsky DNS Cache-Poisoning Attack Using Probabilistic Model Checking
HASE '10 Proceedings of the 2010 IEEE 12th International Symposium on High-Assurance Systems Engineering
Secure naming in information-centric networks
Proceedings of the Re-Architecting the Internet Workshop
On the performance and analysis of DNS security extensions
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Hierarchical Web caching systems: modeling, design and experimental results
IEEE Journal on Selected Areas in Communications
On expiration-based hierarchical caching systems
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
The Domain Name System (DNS) provides a critical service for the Internet -- mapping of user-friendly domain names to their respective IP addresses. Yet, there is no standard set of metrics quantifying the Quality of Domain Name Service (QoDNS), let alone a thorough evaluation of it. This article attempts to fill this gap from the perspective of a DNS proxy/cache, which is the bridge between clients and authoritative servers. We present an analytical model of DNS proxy operations that offers insights into the design trade-offs of DNS infrastructure and the selection of critical DNS parameters. Due to the critical role DNS proxies play in QoDNS, they are the focus of attacks including cache poisoning attack. We extend the analytical model to study DNS cache poisoning attacks and their impact on QoDNS metrics. This analytical study prompts us to present Domain Name Cross-Referencing (DoX), a peer-to-peer systems for DNS proxies to cooperatively defend cache poisoning attacks. Based on QoDNS, we compare DoX with the cryptography-based DNS Security Extension (DNSSEC) to understand their relative merits.