Abstract
DNS resolvers perform the essential role of translating domain names into IP addresses. The default DNS resolver offered by an Internet Service Provider (ISP) can be undesirable for a number of reasons such as censorship, lack of malware filtering options and low service quality. In this paper, we propose a novel method for estimating the amount of DNS traffic directed at non-ISP resolvers by using DNS and NetFlow data from an ISP. This method is extended to also estimate the amount of DNS traffic towards resolvers that offer malware filtering or parental control functionality. Finally, we propose a novel method for estimating the amount of DNS traffic at non-ISP resolvers that would have been censored by ISP resolvers. The results of applying these methods on an ISP dataset shows to which extent 3rd party resolvers are chosen by users for either malware filtering or censorship circumvention purposes.
Original language | English |
---|---|
Title of host publication | ICT Systems Security and Privacy Protection : 37th IFIP TC 11 International Conference, SEC 2022, Copenhagen, Denmark, June 13–15, 2022, Proceedings |
Editors | Weizhi Meng, Simone Fischer-Hübner, Christian D. Jensen |
Number of pages | 17 |
Publisher | Springer |
Publication date | 2022 |
Pages | 109-125 |
ISBN (Print) | 978-3-031-06974-1 |
ISBN (Electronic) | 978-3-031-06975-8 |
DOIs | |
Publication status | Published - 2022 |
Event | 37th International Conference on ICT Systems Security and Privacy Protection - DTU, Copenhagen, Denmark Duration: 13 Jun 2022 → 15 Jun 2022 https://ifipsec2022.compute.dtu.dk/ |
Conference
Conference | 37th International Conference on ICT Systems Security and Privacy Protection |
---|---|
Location | DTU |
Country/Territory | Denmark |
City | Copenhagen |
Period | 13/06/2022 → 15/06/2022 |
Internet address |
Series | I F I P Advances in Information and Communication Technology |
---|---|
ISSN | 1868-4238 |