我国互联网域名基础设施集中化程度测量研究

刘世明; 李瑞烜; 刘保君; 段海新; 孙东红

doi:10.11959/j.issn.1000-436x.2024261

您当前的位置：

首页 >

文章列表页 >

我国互联网域名基础设施集中化程度测量研究

网络安全 | 更新时间：2024-12-31

- 我国互联网域名基础设施集中化程度测量研究
- Measurement study on the DNS centrality in China
- 通信学报 2024年45卷第Z2期页码：74-81
- 作者机构：
  
  清华大学网络科学与网络空间研究院，北京 100084
- 作者简介：
  
  [ "刘世明（2000- ），男，山东平度人，清华大学硕士生，主要研究方向为网络安全、网络测量。" ]
  [ "李瑞烜（1999- ），男，山西忻州人，清华大学工程师，主要研究方向为网络测量、域名安全、邮件安全等。" ]
  [ "刘保君（1994- ），男，安徽宿州人，博士，清华大学助理教授、博士生导师，主要研究方向为网络安全、网络测量、网络犯罪检测等。" ]
  [ "段海新（1972- ），男，山东济宁人，博士，清华大学教授、博士生导师，主要研究方向为网络和系统安全。" ]
  [ "孙东红（1974- ），女，黑龙江哈尔滨人，博士，清华大学副研究员，主要研究方向为网络与信息安全。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2023YFB3105600)
- DOI：10.11959/j.issn.1000-436x.2024261
  中图分类号： TN915.08
- 收稿日期：2024-10-22，
  
  纸质出版日期：2024-11-30
- 稿件说明：
移动端阅览
刘世明,李瑞烜,刘保君等.我国互联网域名基础设施集中化程度测量研究[J].通信学报,2024,45(Z2):74-81.

LIU Shiming,LI Ruixuan,LIU Baojun,et al.Measurement study on the DNS centrality in China[J].Journal on Communications,2024,45(Z2):74-81.
刘世明,李瑞烜,刘保君等.我国互联网域名基础设施集中化程度测量研究[J].通信学报,2024,45(Z2):74-81. DOI： 10.11959/j.issn.1000-436x.2024261.

LIU Shiming,LI Ruixuan,LIU Baojun,et al.Measurement study on the DNS centrality in China[J].Journal on Communications,2024,45(Z2):74-81. DOI： 10.11959/j.issn.1000-436x.2024261.

摘要

随着互联网商业模式的演变，最初基于分布式设计的域名基础设施呈现集中化趋势，可能造成大范围网络中断。聚焦于我国域名基础设施集中化，构建基于网页广告分发的递归解析器收集系统，结合大型被动域名解析日志主动测量中国国家和教育域名的权威服务器。测量结果表明，我国域名基础设施存在严重的集中化现象，但主要依赖于国内运营商和企业，与国外集中化节点存在显著差异。网络安全部门应加强对国内域名系统集中化节点的监测和风险预警。

Abstract

The Domain Name System (DNS) was initially designed with a distributed architecture to ensure availability. However

with the development of the Internet

the trend of centrality in the DNS has led to a series of potential single points of failure. Focusing on the centrality of China's DNS infrastructure

a passive recursive resolver data collection system based on Internet advertisement distribution was prompted. Combining passive DNS data with active domain authoritative resource record scanning

the authoritative servers for domain names of China and Chinese education were analyzed. The result indicates a high level of centrality

which primarily relies on Internet Service Providers (ISP) and local Internet companies

showing significant differences from the results abroad. Network authorities should strengthen the monitoring and warning mechanisms for centralized nodes in China's DNS infrastructure.

关键词

Keywords

references

WOOLF N . DDoS attack that disrupted internet was largest of its kind in history [EB/OL ] . ( 2016 )[ 2024-10-22 ] .

王左利 , 魏亮 . 揭秘 5 · 19 断网风暴剖析断网事件[EB/OL ] . ( 2009 )[ 2024-10-22 ] .

WANG Z L , WEI L . Unveiling the May 19th Internet Outage: Analyzing the Network Disruption Event [EB/OL ] . ( 2009 )[ 2024-10-22 ] .

HUSTON G . Looking at centrality in the DNS [EB/OL ] . ( 2022 )[ 2024-10-22 ] .

刘文峰 . 域名系统安全自主根区管理与解析关键技术研究 [D ] . 哈尔滨 : 哈尔滨工业大学 , 2022 .

LIU W F . Research on key technologies of domain name system security autonomous root zone management and resolution [D ] . Harbin : Harbin Institute of Technology , 2022 .

MOURA G C M , CASTRO S , HARDAKER W , et al . Clouding up the Internet: how centralized is DNS traffic becoming? [C ] // Proceedings of the ACM Internet Measurement Conference . New York : ACM Press , 2020 : 42 - 49 .

RADU R , HAUSDING M . Consolidation in the DNS resolver market–how much, how fast, how dangerous? [J ] . Journal of Cyber Policy , 2020 , 5 ( 1 ): 46 - 64 .

SHUE C A , KALAFUT A J , GUPTA M . The web is smaller than it seems [C ] // Proceedings of the 7th ACM SIGCOMM conference on Internet measurement . New York : ACM Press , 2007 : 123 - 128 .

ALLMAN M . Comments on DNS robustness [C ] // Proceedings of the Internet Measurement Conference 2018 . 2018 : 84 - 90 .

KASHAF A , SEKAR V , AGARWAL Y . Analyzing third party service dependencies in modern web services: have we learned from the mirai-dyn incident? [C ] // Proceedings of the ACM Internet Measurement Conference . New York : ACM Press , 2020 : 634 - 647 .

ELZ R , BUSH R , BRADNER S , et al . RFC 2182: Selection and Operation of Secondary DNS Servers [R ] . 1997 .

LOTTOR M K . Domain administrators operations guide [J ] . RFC , 1987 , 1033 : 1 - 22 .

MOCKAPETRIS P . RFC 1034: Domain names - concepts and facilities [R ] . 1987 .

MOCKAPETRIS P . Domain names - implementation and specification [R ] . 1987

FTC . A look at what isps know about you: examining the privacy practices of six major internet service providers [R ] . 2021 .

LEYDESDORFF L , RAFOLS I . Indicators of the interdisciplinarity of journals: diversity, centrality, and citations [J ] . Journal of Informetrics , 2011 , 5 ( 1 ): 87 - 100 .

ROTUNDO G , D’ARCANGELIS A M . Network of companies: an analysis of market concentration in the Italian stock market [J ] . Quality & Quantity , 2014 , 48 ( 4 ): 1893 - 1910 .

LI R , LIU B , LU C , et al . A Worldwide view on the reachability of encrypted DNS services [C ] // Proceedings of the ACM on Web Conference 2024 . New York : ACM Press , 2024 : 1193 - 1202 .

HUANG C , MALTZ D A , LI J , et al . Public DNS system and global traffic management [C ] // Proceedings of IEEE INFOCOM . Piscataway : IEEE Press , 2011 : 2615 - 2623 .

HOLZ R , AMANN J , RAZAGHPANAH A , et al . The era of TLS 1.3: measuring deployment and use with active and passive methods [J ] . arXiv Preprint , arXiv: 1907.12762 , 2019 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

政府教育域名权威资源记录异常变更测量研究

Fast-flucos：基于DNS流量的Fast-flux恶意域名检测方法

基于改进卷积神经网络识别DNS隐蔽信道

基于DNS的隐蔽通道流量检测