A survey on malicious domains detection through DNS data analysis
Malicious domains are one of the major resources required for adversaries to run attacks
over the Internet. Due to the important role of the Domain Name System (DNS), extensive …
over the Internet. Due to the important role of the Domain Name System (DNS), extensive …
Encrypted DNS--> privacy? A traffic analysis perspective
Virtually every connection to an Internet service is preceded by a DNS lookup which is
performed without any traffic-level protection, thus enabling manipulation, redirection …
performed without any traffic-level protection, thus enabling manipulation, redirection …
An end-to-end, large-scale measurement of dns-over-encryption: How far have we come?
DNS packets are designed to travel in unencrypted form through the Internet based on its
initial standard. Recent discoveries show that real-world adversaries are actively exploiting …
initial standard. Recent discoveries show that real-world adversaries are actively exploiting …
Detection of malicious and low throughput data exfiltration over the DNS protocol
In the presence of security countermeasures, a malware designed for data exfiltration must
use a covert channel to achieve its goal. The Domain Name System (DNS) protocol is a …
use a covert channel to achieve its goal. The Domain Name System (DNS) protocol is a …
Padding ain't enough: Assessing the privacy guarantees of encrypted {DNS}
DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by
hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that …
hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that …
Measuring DNS over TLS from the edge: adoption, reliability, and response times
Abstract The Domain Name System (DNS) is a cornerstone of communication on the
Internet. DNS over TLS (DoT) has been standardized in 2016 as an extension to the DNS …
Internet. DNS over TLS (DoT) has been standardized in 2016 as an extension to the DNS …
Large scale measurement on the adoption of encrypted DNS
Several encryption proposals for DNS have been presented since 2016, but their adoption
was not comprehensively studied yet. This research measured the current adoption of DoH …
was not comprehensively studied yet. This research measured the current adoption of DoH …
On the impact of DNS over HTTPS paradigm on cyber systems
K Bumanglag, H Kettani - 2020 3rd International Conference on …, 2020 - ieeexplore.ieee.org
The Domain Name System (DNS) protocol has been in use for over thirty years. As the
primary method of resolving domain names to Internet Protocol (IP) addresses, it is a …
primary method of resolving domain names to Internet Protocol (IP) addresses, it is a …
A comprehensive study of {DNS-over-HTTPS} downgrade attack
Q Huang, D Chang, Z Li - 10th USENIX Workshop on Free and Open …, 2020 - usenix.org
DNS-over-HTTPS (DoH) is one major effort to protect DNS confidentiality and integrity,
which has been deployed by most of the popular browsers. However, we found this effort …
which has been deployed by most of the popular browsers. However, we found this effort …
Evaluating public DNS services in the wake of increasing centralization of DNS
Recent studies have shown centralization in the Domain Name System (DNS) around public
DNS services, which are hosted on centrally managed infrastructure and advertise higher …
DNS services, which are hosted on centrally managed infrastructure and advertise higher …