论文信息 - Authoritative server's impact on domain name system's performance and security

Authoritative server's impact on domain name system's performance and security

The Domain Name System (DNS) is the most crucial infrastructure for mapping human-readable host names to the corresponding IP addresses and providing the routing information of Email. Comparing with the top-level domains (TLD) such as the root servers, the local authoritative servers are more vulnerable to device failures and malicious attacks. This paper described the existence condition of authoritative servers and presented a novel domain measurement tool named DNSAuth to collect the information of local authoritative servers automatically. Experiments to the real-life authoritative servers were conducted which highlighting three important aspects: the distribution, the geographic location and their impacts on performance and security. According to five representative attributes, the authoritative servers of China Top100 websites are evaluated and the result shows that only 32% of all the servers act preferably in performance and security.

Bin Li | Yao Wang | Mingzeng Hu | Bo-ru Yan

[1] Peter B. Danzig,et al. An analysis of wide-area name server traffic: a study of the Internet Domain Name System , 1992, SIGCOMM 1992.

[2] Paul V. Mockapetris,et al. Domain names: Concepts and facilities , 1983, RFC.

[3] kc claffy,et al. On the problem of optimization of DNS root servers' placement , 2003 .

[4] Robert Tappan Morris,et al. DNS performance and the effectiveness of caching , 2002, TNET.

[5] Paul V. Mockapetris,et al. Domain names - implementation and specification , 1987, RFC.

[6] George Varghese,et al. Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications , 2001, SIGCOMM 2001.

[7] Ellen W. Zegura,et al. Diversity in DNS performance measures , 2002, IMW '02.

[8] Daniel Massey,et al. Impact of configuration errors on DNS robustness , 2004, SIGCOMM 2004.

[9] Evi Nemeth,et al. DNS measurements at a root server , 2001, GLOBECOM'01. IEEE Global Telecommunications Conference (Cat. No.01CH37270).

[10] Randy Bush,et al. Selection and Operation of Secondary DNS Servers , 1997, RFC.