Ports Distribution Management for Privacy Protection Inside Local Domain Name System
Title | Ports Distribution Management for Privacy Protection Inside Local Domain Name System |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Song, Fei; Quan, Wei; Zhao, Tianming; Zhang, Hongke; Hu, Ziwei; You, Ilsun |
Conference Name | Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4571-2 |
Keywords | domain name system, ports distribution, privacy protection, pubcrawl, resilience, Resource management, Scalability, Security by Default |
Abstract | Domain Name System (DNS) has been recognized as an indispensable and fundamental infrastructure of the current Internet. However, due to the original design philosophy and easy access principle, one can conveniently wiretap the DNS requests and responses. Such a phenomenon is a serious threat for user privacy protection, especially when inside hacking takes place. Motivated by such circumstances, we proposed a ports distribution management solution to relieve the potential information leakage inside local DNS. Users will be able to utilize pre-assigned port numbers instead of default port 53. The selection method of port numbers at the server side and the interactive process with the corresponding end host are investigated. The necessary implementation steps, including modifications of the destination port field, extension option usage, etc., are also discussed. A mathematical model is presented to further evaluate the performance. Both the possible blocking probability and port utilization are illustrated. We expect that this solution will be beneficial not only for the users in security enhancement, but also for the DNS servers in resources optimization. |
URL | http://doi.acm.org/10.1145/2995959.2995965 |
DOI | 10.1145/2995959.2995965 |
Citation Key | song_ports_2016 |