KURZFASSUNG Im Domain Name System (DNS) existieren sowohl auf Seiten der Clients als auch auf Seiten der Betreiber erhebliche Sicherheitslücken im Bezug auf die Vertraulichkeit und Privatheit der jeweils eigenen Daten. Der Informationsfluss von Clients, die einen Domain Name auflösen wollen, findet unverschlüsselt statt und wird meist durch mehrere Server geleitet. Serverbetreiber und Angreifer...

The Domain Name System (DNS) is an essential component of the internet infrastructure. Due to its importance, securing DNS becomes a necessity for current and future networks. DNSSEC, the extended version of DNS has been developed in order to provide security services. Unfortunately, DNSSEC doesn’t offer query privacy; we can see all queries sent to resolver in clear. In this paper, we evaluate...

The Domain Name System is critical for the proper operation of applications on the Internet. Unfortunately, the DNS has a number of significant security weaknesses that can result in the compromise of web sites, email messages login sessions. Additionally, these weaknesses have been used as the basis for man-in-themiddle attacks on what are considered secure network protocols. This paper provid...

This document describes the use of Transport Layer Security (TLS) to provide privacy for DNS. Encryption provided by TLS eliminates opportunities for eavesdropping and on-path tampering with DNS queries in the network, such as discussed in RFC 7626. In addition, this document specifies two usage profiles for DNS over TLS and provides advice on performance considerations to minimize overhead fro...

Modern critical infrastructure assets are exposed to security threats arising from their use of IP networks and the Domain Name System (DNS). This paper focuses on the health of DNS. Indeed, due to the increased reliance on the Internet, the degradation of DNS could have significant consequences for the critical infrastructure. This paper describes the Measuring Naming System (MeNSa), a framewo...

Resumen—La utilización de DNS como mecanismo base de nuevos servicios telemáticos basados en resolución de nombres puede suponer riesgos en seguridad y privacidad. La información intercambiada entre clientes y servidores viaja sin ningún tipo de protección. Dicha información puede ser capturada por malware o servidores de acceso deshonestos y acabar siendo vendida para su utilización en técnica...

Privacy leaks are an unfortunate and an integral part of the current Internet domain name resolution. Each DNS query generated by a user reveals – to one or more DNS servers – the origin and target of that query. Over time, a user’s browsing behavior might be exposed to entities with little or no trust. Current DNS privacy leaks stem from fundamental features of DNS and are not easily fixable b...

With the goal of developing a fluorescent nucleoside sensitive to its environment, in this study we synthesized (DNS)C, a novel modified 2'-deoxycytidine bearing a 5-(dimethylamino)naphthalene-1-sulfonyl (dansyl) moiety at the N4 position, and tested its properties in monomeric and oligomeric states. (DNS)C undergoes intramolecular photoinduced electron transfer between its dansyl and cytosine ...

The current domain name system (DNS) couples ownership of domains with the responsibility of serving data for them. The DNS security extensions (DNSSEC) allow verificaton of records obtained by alternate means, opening exploration of alternative storage systems for DNS records. We explore one such alternative using DHash, a peer-to-peer distributed hash table built on top of Chord. Our system i...

Dependency networks (DNs) have been receiving more attention recently because their structures and parameters can be easily learned from data. The full conditional distributions (FCDs) are known conditions of DNs. Gibbs sampling is currently the most popular inference method on DNs. However, sampling methods converge slowly and it can be hard to diagnose their convergence. In this article, we i...