Enumerating Privacy Leaks in DNS Data Collected above the Recursive ( Short paper )

As with any information system consisting of data derived from people’s actions, DNS data is vulnerable to privacy risks. In DNS, users make queries through recursive resolvers to authoritative servers. Data collected below (or in) the recursive resolver directly exposes users, so most prior DNS data sharing focuses on queries above the recursive resolver. Data collected above a recursive resolver has largely been seen as posing a minimal privacy risk since recursive resolvers typically aggregate traffic for many users, thereby hiding their identity and mixing their traffic. Although this assumption is widely made, to our knowledge it has not been verified. In this paper we re-examine this assumption for DNS traffic above the recursive resolver. First, we show that two kinds of information appear in query names above the recursive resolver: IP addresses and sensitive domain names, such as those pertaining to health, politics, or personal or lifestyle information. Second, we examine how often these classes of potentially sensitive names appear in Root DNS traffic, using 48 hours of B-Root data from April 2017.

[1]  Hannes Federrath,et al.  Privacy-Preserving DNS: Analysis of Broadcast, Range Queries and Mix-Based Protection Methods , 2011, ESORICS.

[2]  Boris Nechaev,et al.  Netalyzr: illuminating the edge network , 2010, IMC '10.

[3]  Robert Tappan Morris,et al.  DNS performance and the effectiveness of caching , 2001, IMW '01.

[4]  Kensuke Fukuda,et al.  Detecting Malicious Activity With DNS Backscatter Over Time , 2017, IEEE/ACM Transactions on Networking.

[5]  Stephane Bortzmeyer,et al.  DNS Privacy Considerations , 2015, RFC.

[6]  Kimberly C. Claffy,et al.  Reasons Dynamic Addresses Change , 2016, Internet Measurement Conference.

[7]  Haya Shulman Pretty Bad Privacy: Pitfalls of DNS Encryption , 2014, WPES.

[8]  Joaquín García,et al.  Evaluation of Two Privacy-Preserving Protocols for the DNS , 2009, 2009 Sixth International Conference on Information Technology: New Generations.

[9]  Paul V. Mockapetris,et al.  Domain names - implementation and specification , 1987, RFC.

[10]  Junjie Zhang,et al.  Deriving and measuring DNS-based fingerprints , 2017, J. Inf. Secur. Appl..

[11]  Kouichi Sakurai,et al.  Analysis of Privacy Disclosure in DNS Query , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[12]  Paul V. Mockapetris,et al.  Domain names - concepts and facilities , 1987, RFC.

[13]  Yacin Nadji,et al.  Extended Abstract : Understanding the Privacy Implications of ECS , 2016 .

[14]  Emil Sit,et al.  An empirical study of spam traffic and the use of DNS black lists , 2004, IMC '04.

[15]  Ahmed Serhrouchni,et al.  Privacy-preserving domain-flux botnet detection in a large scale network , 2013, 2013 Fifth International Conference on Communication Systems and Networks (COMSNETS).

[16]  Kouichi Sakurai,et al.  Two-Servers PIR Based DNS Query Scheme with Privacy-Preserving , 2007 .

[17]  Michael Weber,et al.  Device Names in the Wild: Investigating Privacy Risks of Zero Configuration Networking , 2013, 2013 IEEE 14th International Conference on Mobile Data Management.

[18]  John S. Heidemann,et al.  Connection-Oriented DNS to Improve Privacy and Security , 2015, 2015 IEEE Symposium on Security and Privacy.

[19]  Jonathan M. Spring,et al.  The Impact of Passive DNS Collection on End-user Privacy , 2012 .

[20]  Andreas Terzis,et al.  Peeking Through the Cloud: DNS-Based Estimation and Its Applications , 2008, ACNS.

[21]  Duane Wessels,et al.  A day at the root of the internet , 2008, CCRV.

[22]  Gene Tsudik,et al.  Towards Plugging Privacy Leaks in the Domain Name System , 2010, 2010 IEEE Tenth International Conference on Peer-to-Peer Computing (P2P).

[23]  Mark Allman,et al.  DNS Resolvers Considered Harmful , 2014, HotNets.

[24]  Fabian Monrose,et al.  DNS Prefetching and Its Privacy Implications: When Good Things Go Bad , 2010, LEET.

[25]  Kenton Born,et al.  Detecting DNS Tunnels Using Character Frequency Analysis , 2010, ArXiv.

[26]  Aziz Mohaisen,et al.  Domain Name System Security and Privacy: Old Problems and New Challenges , 2016, ArXiv.

[27]  Euihyun Jung A Data-Driven Decision Making with Big Data Analysis on DNS Log , 2017, ICISA.

[28]  Saikat Guha,et al.  Identity Trail: Covert Surveillance Using DNS , 2007, Privacy Enhancing Technologies.

[29]  Arvind Narayanan,et al.  I never signed up for this! Privacy implications of email tracking , 2018, Proc. Priv. Enhancing Technol..

[30]  Hannes Federrath,et al.  Behavior-based tracking: Exploiting characteristic patterns in DNS traffic , 2013, Comput. Secur..

[31]  Leyla Bilge,et al.  Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains , 2014, TSEC.