Measurement study on the DNS centrality in China

LIU Shiming; LI Ruixuan; LIU Baojun; DUAN Haixin; SUN Donghong

doi:10.11959/j.issn.1000-436x.2024261

您当前的位置：

首页 >

文章列表页 >

Measurement study on the DNS centrality in China

Cyber Security | 更新时间：2024-12-31

- Measurement study on the DNS centrality in China
- Journal on Communications Vol. 45, Issue Z2, Pages: 74-81(2024)
- 作者机构：
  
  清华大学网络科学与网络空间研究院，北京 100084
- 作者简介：
- 基金信息：
  
  The National Key Research and Development Project of China(2023YFB3105600)
- DOI：10.11959/j.issn.1000-436x.2024261
  CLC： TN915.08
- Received：22 October 2024，
  
  Published：30 November 2024
- 稿件说明：
移动端阅览
刘世明,李瑞烜,刘保君等.我国互联网域名基础设施集中化程度测量研究[J].通信学报,2024,45(Z2):74-81.

LIU Shiming,LI Ruixuan,LIU Baojun,et al.Measurement study on the DNS centrality in China[J].Journal on Communications,2024,45(Z2):74-81.
刘世明,李瑞烜,刘保君等.我国互联网域名基础设施集中化程度测量研究[J].通信学报,2024,45(Z2):74-81. DOI： 10.11959/j.issn.1000-436x.2024261.

LIU Shiming,LI Ruixuan,LIU Baojun,et al.Measurement study on the DNS centrality in China[J].Journal on Communications,2024,45(Z2):74-81. DOI： 10.11959/j.issn.1000-436x.2024261.

摘要

随着互联网商业模式的演变，最初基于分布式设计的域名基础设施呈现集中化趋势，可能造成大范围网络中断。聚焦于我国域名基础设施集中化，构建基于网页广告分发的递归解析器收集系统，结合大型被动域名解析日志主动测量中国国家和教育域名的权威服务器。测量结果表明，我国域名基础设施存在严重的集中化现象，但主要依赖于国内运营商和企业，与国外集中化节点存在显著差异。网络安全部门应加强对国内域名系统集中化节点的监测和风险预警。

Abstract

The Domain Name System (DNS) was initially designed with a distributed architecture to ensure availability. However

with the development of the Internet

the trend of centrality in the DNS has led to a series of potential single points of failure. Focusing on the centrality of China's DNS infrastructure

a passive recursive resolver data collection system based on Internet advertisement distribution was prompted. Combining passive DNS data with active domain authoritative resource record scanning

the authoritative servers for domain names of China and Chinese education were analyzed. The result indicates a high level of centrality

which primarily relies on Internet Service Providers (ISP) and local Internet companies

showing significant differences from the results abroad. Network authorities should strengthen the monitoring and warning mechanisms for centralized nodes in China's DNS infrastructure.

关键词

Keywords

references

WOOLF N . DDoS attack that disrupted internet was largest of its kind in history [EB/OL ] . ( 2016 )[ 2024-10-22 ] .

王左利 , 魏亮 . 揭秘 5 · 19 断网风暴剖析断网事件[EB/OL ] . ( 2009 )[ 2024-10-22 ] .

WANG Z L , WEI L . Unveiling the May 19th Internet Outage: Analyzing the Network Disruption Event [EB/OL ] . ( 2009 )[ 2024-10-22 ] .

HUSTON G . Looking at centrality in the DNS [EB/OL ] . ( 2022 )[ 2024-10-22 ] .

刘文峰 . 域名系统安全自主根区管理与解析关键技术研究 [D ] . 哈尔滨 : 哈尔滨工业大学 , 2022 .

LIU W F . Research on key technologies of domain name system security autonomous root zone management and resolution [D ] . Harbin : Harbin Institute of Technology , 2022 .

MOURA G C M , CASTRO S , HARDAKER W , et al . Clouding up the Internet: how centralized is DNS traffic becoming? [C ] // Proceedings of the ACM Internet Measurement Conference . New York : ACM Press , 2020 : 42 - 49 .

RADU R , HAUSDING M . Consolidation in the DNS resolver market–how much, how fast, how dangerous? [J ] . Journal of Cyber Policy , 2020 , 5 ( 1 ): 46 - 64 .

SHUE C A , KALAFUT A J , GUPTA M . The web is smaller than it seems [C ] // Proceedings of the 7th ACM SIGCOMM conference on Internet measurement . New York : ACM Press , 2007 : 123 - 128 .

ALLMAN M . Comments on DNS robustness [C ] // Proceedings of the Internet Measurement Conference 2018 . 2018 : 84 - 90 .

KASHAF A , SEKAR V , AGARWAL Y . Analyzing third party service dependencies in modern web services: have we learned from the mirai-dyn incident? [C ] // Proceedings of the ACM Internet Measurement Conference . New York : ACM Press , 2020 : 634 - 647 .

ELZ R , BUSH R , BRADNER S , et al . RFC 2182: Selection and Operation of Secondary DNS Servers [R ] . 1997 .

LOTTOR M K . Domain administrators operations guide [J ] . RFC , 1987 , 1033 : 1 - 22 .

MOCKAPETRIS P . RFC 1034: Domain names - concepts and facilities [R ] . 1987 .

MOCKAPETRIS P . Domain names - implementation and specification [R ] . 1987

FTC . A look at what isps know about you: examining the privacy practices of six major internet service providers [R ] . 2021 .

LEYDESDORFF L , RAFOLS I . Indicators of the interdisciplinarity of journals: diversity, centrality, and citations [J ] . Journal of Informetrics , 2011 , 5 ( 1 ): 87 - 100 .

ROTUNDO G , D’ARCANGELIS A M . Network of companies: an analysis of market concentration in the Italian stock market [J ] . Quality & Quantity , 2014 , 48 ( 4 ): 1893 - 1910 .

LI R , LIU B , LU C , et al . A Worldwide view on the reachability of encrypted DNS services [C ] // Proceedings of the ACM on Web Conference 2024 . New York : ACM Press , 2024 : 1193 - 1202 .

HUANG C , MALTZ D A , LI J , et al . Public DNS system and global traffic management [C ] // Proceedings of IEEE INFOCOM . Piscataway : IEEE Press , 2011 : 2615 - 2623 .

HOLZ R , AMANN J , RAZAGHPANAH A , et al . The era of TLS 1.3: measuring deployment and use with active and passive methods [J ] . arXiv Preprint , arXiv: 1907.12762 , 2019 .

Views

518

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Measurement study on abnormal changes in authoritative resource records of government and educational domains

Fast-flucos:malicious domain name detection method for Fast-flux based on DNS traffic

Identification of DNS covert channel based on improved convolutional neural network

Detecting DNS-based covert channel on live traffic

Related Author

SUN Junzhe

LU Chaoyi

LIU Baojun

DUAN Haixin

SUN Donghong

Chunyu HAN

Yongzheng ZHANG

Yu ZHANG

Related Institution

College of Computer Science, Nankai University

Institute of Information Engineering, Chinese Academy of Sciences

School of Cyber Security, University of Chinese Academy of Sciences

Institute of Cyberspace,China Center for Information Industry Development

National Computer Network Emergency Response Technical Team/Coordination Center of China

AI问答

⁰