Fangming Zhao
ABSTRACT
When a DNS (domain name system) client needs to look up a name, it queries DNS servers to resolve the name on the Internet. The query information from the client was passed through one or more DNS servers. While useful, in the whole query transmission, we say it can leak potentially sensitive information: what a client wants to connect to, or what the client is always paying attention to? From the definition, the privacy problem is to prove that none of the private data can be inferred from the information which is made public.We firstly analyzed the complete DNS query process now in use; then, from each step of the DNS query process, we discussed the privacy disclosure problem in each step of the query: Client side, Query transmission process and DNS server side. Finally, we proposed a simple and flexible privacy-preserving query scheme "Range Query", which could maximally decrease privacy disclosure in the whole DNS query process. And we also discuss efficiency and implementation on the Range Query.
Index Terms
- Analysis of Privacy Disclosure in DNS Query
Recommendations
DNS ANY Request Cannon Activity in DNS Query Packet Traffic
ICINIS '13: Proceedings of the 2013 6th International Conference on Intelligent Networks and Intelligent SystemsWe statistically investigated the total ANY resource record (RR) based DNS query request packet traffic from the Internet to the top domain DNS server in a university campus network through January 1st, 2011 to December 31st, 2012. The obtained results ...
Authoritative DNS Server Discovery Method to Enhance DNS Privacy Preservation
CoNEXT-SW '23: Proceedings of the on CoNEXT Student Workshop 2023Plaintext-based DNS domain name resolution poses significant privacy risks. Therefore, encrypting DNS communication across all pathways is essential for privacy preservation. The IETF has standardized DoT, DoH, and DoQ to achieve encryption between end ...
Comparing DNS resolvers in the wild
IMC '10: Proceedings of the 10th ACM SIGCOMM conference on Internet measurementThe Domain Name System (DNS) is a fundamental building block of the Internet. Today, the performance of more and more applications depend not only on the responsiveness of DNS, but also the exact answer returned by the queried DNS resolver, e.g., for ...
Comments