DNSWeight: Quantifying Country-Wise Importance of Domain Name System

DNS (Domain Name System) is one fundamental Internet infrastructure related to most network activities. As a feasible tool to govern the Internet, DNS’s stability and interoperability will be impacted by the countries’ policies or actions along the path. Especially now that many countries have stricter control over the Internet and even sometimes “unplug” it. But there was no study to quantify the countries’ impact systematically. To fill this research gap, we present DNSWeight. This new data-driven approach utilizes a large-scale DNS dataset and BGP (Border Gateway Protocol) routing information to calculate the country-importance score so that a country’s impact on DNS can be gauged. By applying DNSWeight on large-scale DNS and BGP datasets jointly, our study shows the importance among different countries is divided. A handful of countries show dominant significance to the current DNS ecosystem. Some countries with a history of Internet shutdowns are too influential to be ignored if they choose to break themselves from the Internet. We also examine the impact of IPv6 (IP Version 6) and reveal the “loop” phenomenon that occurs in some DNS queries. In conjunction with our findings, some discussion and suggestions are given. In summary, our study shows that DNS reliability needs to be reconsidered at the country’s level.

[1]  Wouter Joosen,et al.  The Wolf of Name Street: Hijacking Domains Through Their Nameservers , 2017, CCS.

[2]  Emin Gün Sirer,et al.  Perils of transitive trust in the domain name system , 2005, IMC '05.

[3]  Narseo Vallina-Rodriguez,et al.  Measuring the Global Recursive DNS Infrastructure: A View From the Edge , 2019, IEEE Access.

[4]  Tzi-cker Chiueh,et al.  Experiences in building a multihoming load balancing system , 2004, IEEE INFOCOM 2004.

[5]  Andrew Clement,et al.  Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty , 2013 .

[6]  Giovane C. M. Moura,et al.  Recursives in the wild: engineering authoritative DNS servers , 2017, Internet Measurement Conference.

[7]  Casey T. Deccio,et al.  DNS privacy in practice and preparation , 2019, CoNEXT.

[8]  Jayajit Chakraborty,et al.  Measuring the Digital Divide in the United States: Race, Income, and Personal Computer Ownership , 2005 .

[9]  Yaman Akdeniz Internet Content Regulation: UK Government and the Control of Internet Content , 2001, Comput. Law Secur. Rev..

[10]  Ramesh Govindan,et al.  An analysis of Internet inter-domain topology and route stability , 1997, Proceedings of INFOCOM '97.

[11]  Christos Papadopoulos,et al.  Towards characterizing international routing detours , 2016, AINTEC.

[12]  Giovane C. M. Moura,et al.  DNS Observatory: The Big Picture of the DNS , 2019, Internet Measurement Conference.

[13]  Shane Greenstein,et al.  Evidence of Decreasing Internet Entropy: The Lack of Redundancy in Dns Resolution by Major Websites and Services , 2018, Journal of Quantitative Description: Digital Media.

[14]  Lixia Zhang,et al.  Impact of configuration errors on DNS robustness , 2004, IEEE Journal on Selected Areas in Communications.

[15]  Nick Feamster,et al.  A First Look into Transnational Routing Detours , 2016, SIGCOMM.

[16]  Nick Feamster,et al.  Global Measurement of DNS Manipulation , 2017, USENIX Security Symposium.

[17]  Winseck The Geopolitical Economy of the Global Internet Infrastructure , 2017, Journal of Information Policy.

[18]  Giovane C. M. Moura,et al.  When Parents and Children Disagree: Diving into DNS Delegation Inconsistency , 2020, PAM.

[19]  Bobby Bhattacharjee,et al.  Internet anycast: performance, problems, & potential , 2018, SIGCOMM.

[20]  Haiyan Xu,et al.  Evaluating the Impact of Name Resolution Dependence on the DNS , 2019, Secur. Commun. Networks.

[21]  Günter Karjoth,et al.  Routing on longest-matching prefixes , 1996, TNET.

[22]  Enrico Gregori,et al.  AS-Level Topology Discovery: Measurement strategies tailored for crowdsourcing systems , 2017, Comput. Commun..

[23]  Randy Bush,et al.  Selection and Operation of Secondary DNS Servers , 1997, RFC.

[24]  M. A. Wicaksana IPv4 vs IPv6 Anycast Catchment: a Root DNS Study , 2016 .

[25]  Paul Francis,et al.  A measurement-based deployment proposal for IP anycast , 2006, IMC '06.

[26]  Walter Willinger,et al.  A Survey of Techniques for Internet Topology Discovery , 2015, IEEE Communications Surveys & Tutorials.

[27]  Leyla Bilge,et al.  Lean On Me: Mining Internet Service Dependencies From Large-Scale DNS Data , 2017, ACSAC.

[28]  Zheng Wang,et al.  Understanding the Performance and Challenges of DNS Query Name Minimization , 2018, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[29]  Antonio Pescapè,et al.  Don't trust traceroute (completely) , 2013, CoNEXT Student Workhop '13.

[30]  Vinod Yegneswaran,et al.  Reexamining DNS From a Global Recursive Resolver Perspective , 2016, IEEE/ACM Transactions on Networking.

[31]  Lixia Zhang,et al.  The (In)Completeness of the Observed Internet AS-level Structure , 2010, IEEE/ACM Transactions on Networking.

[32]  Shen Su,et al.  A Framework to Quantify the Pitfalls of Using Traceroute in AS-Level Topology Measurement , 2011, IEEE Journal on Selected Areas in Communications.

[33]  Subhadip Chakrabarti,et al.  Private Peering Among Internet Backbone Providers , 2003 .

[34]  Benjamin Edwards,et al.  Borders and gateways: measuring and analyzing national as chokepoints , 2019, COMPASS.

[35]  Leonard M. Freeman,et al.  A set of measures of centrality based upon betweenness , 1977 .

[36]  Sharon Goldberg,et al.  Modeling on quicksand: dealing with the scarcity of ground truth in interdomain routing data , 2012, CCRV.

[37]  John S. Heidemann,et al.  Anycast Latency: How Many Sites Are Enough? , 2017, PAM.

[38]  Emile Aben,et al.  The (Thin) Bridges of AS Connectivity: Measuring Dependency Using AS Hegemony , 2017, PAM.

[39]  Giovane C. M. Moura,et al.  Anycast vs. DDoS: Evaluating the November 2015 Root DNS Event , 2016, Internet Measurement Conference.

[40]  Mark Allman,et al.  Comments on DNS Robustness , 2018, Internet Measurement Conference.

[41]  Christian Rossow,et al.  Going Wild: Large-Scale Classification of Open DNS Resolvers , 2015, Internet Measurement Conference.

[42]  Neo,et al.  The collateral damage of internet censorship by DNS injection , 2012, Comput. Commun. Rev..

[43]  Stephen McQuistin,et al.  Taming Anycast in the Wild Internet , 2019, Internet Measurement Conference.

[44]  Arun Venkataramani,et al.  Measuring Update Performance and Consistency Anomalies in Managed DNS Services , 2019, IEEE INFOCOM 2019 - IEEE Conference on Computer Communications.

[45]  Bruce M. Maggs,et al.  A Longitudinal, End-to-End View of the DNSSEC Ecosystem , 2017, USENIX Security Symposium.

[46]  Jianping Wu,et al.  Measuring Query Latency of Top Level DNS Servers , 2013, PAM.

[47]  Aziz Mohaisen,et al.  Where Are You Taking Me? Behavioral Analysis of Open DNS Resolvers , 2019, 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[48]  Sambuddho Chakravarty,et al.  Few Throats to Choke: On the Current Structure of the Internet , 2017, 2017 IEEE 42nd Conference on Local Computer Networks (LCN).

[49]  Nick Feamster,et al.  Detecting DNS Root Manipulation , 2016, PAM.

[50]  Olaf Maennel,et al.  Internet optometry: assessing the broken glasses in internet reachability , 2009, IMC '09.

[51]  M. Carr,et al.  US Power and the Internet in International Relations: The Irony of the Information Age , 2016 .

[52]  Ying Liu,et al.  Who is answering my queries: understanding and characterizing interception of the DNS resolution path , 2019, USENIX Security Symposium.

[53]  Laura DeNardis,et al.  The global war for internet governance , 2014, WebSci '14.

[54]  Ying Liu,et al.  A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly , 2018, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[55]  Haya Shulman,et al.  Counting in the Dark: DNS Caches Discovery and Enumeration in the Internet , 2017, 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[56]  Wouter Joosen,et al.  Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation , 2018, NDSS.

[57]  Giseli Rabello Lopes,et al.  Applying Gini coefficient to quantify scientific collaboration in researchers network , 2011, WIMS '11.

[58]  Zhuoqing Morley Mao,et al.  Internet Censorship in China: Where Does the Filtering Occur? , 2011, PAM.

[59]  Roland van Rijswijk-Deij,et al.  A First Look at QNAME Minimization in the Domain Name System , 2019, PAM.

[60]  Nick Feamster,et al.  Nation-State Hegemony in Internet Routing , 2018, COMPASS.

[61]  Angelos Stavrou,et al.  On the DNS Deployment of Modern Web Services , 2015, 2015 IEEE 23rd International Conference on Network Protocols (ICNP).

[62]  Arun Sundararajan,et al.  Recommendation Networks and the Long Tail of Electronic Commerce , 2010, MIS Q..

[63]  J. Alex Halderman,et al.  Internet Censorship in Iran: A First Look , 2013, FOCI.

[64]  Yao Zhao,et al.  Where the Sidewalk Ends: Extending the Internet AS Graph Using Traceroutes from P2P Users , 2014, IEEE Trans. Computers.

[65]  Daniel Massey,et al.  An analysis of BGP multiple origin AS (MOAS) conflicts , 2001, IMW '01.

[66]  kc claffy,et al.  Traceroute and BGP AS Path Incongruities , 2003 .

[67]  Martin Suchara,et al.  Protecting the DNS from Routing Attacks: Two Alternative Anycast Implementations , 2009, IEEE Security & Privacy.

[68]  Daniel Massey,et al.  Protecting BGP routes to top level DNS servers , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[69]  Ying Liu,et al.  An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come? , 2019, Internet Measurement Conference.

[70]  Yuval Shavitt,et al.  DIMES: let the internet measure itself , 2005, CCRV.

[71]  Jia Zhang,et al.  Analysis and Measurement of Zone Dependency in the Domain Name System , 2018, 2018 IEEE International Conference on Communications (ICC).

[72]  Aiko Pras,et al.  Passive Observations of a Large DNS Service: 2.5 Years in the Life of Google , 2018, 2018 Network Traffic Measurement and Analysis Conference (TMA).

[73]  Ramesh Govindan,et al.  Evaluating anycast in the domain name system , 2013, 2013 Proceedings IEEE INFOCOM.

[74]  Li Fan,et al.  Web caching and Zipf-like distributions: evidence and implications , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[75]  Daiping Liu,et al.  All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records , 2016, CCS.

[76]  Giovane C. M. Moura,et al.  Cache Me If You Can: Effects of DNS Time-to-Live , 2019, Internet Measurement Conference.

[77]  Daniel Massey,et al.  Collecting the internet AS-level topology , 2005, CCRV.

[78]  Thomas C. Schmidt,et al.  Exposing a Nation-Centric View on the German Internet - A Change in Perspective on AS-Level , 2012, PAM.

[79]  Adam Senft,et al.  Characterizing Web Censorship Worldwide: Another Look at the OpenNet Initiative Data , 2015, TWEB.