creating a quot long term memory quot for the global dns
play

Creating a "long-term memory" for the global DNS - PowerPoint PPT Presentation

May 19, 2023 •29 likes •279 views

Creating a "long-term memory" for the global DNS Introduction Almost five years ago , we started with an idea : "Can we measure (large parts of) the global DNS on a daily basis?" In this talk, we will discuss: Why

  1. Creating a "long-term memory" for the global DNS

  2. Introduction • Almost five years ago , we started with an idea : "Can we measure (large parts of) the global DNS on a daily basis?" • In this talk, we will discuss: • Why we wanted to do this • How we do it • And examples of what we have learned so far

  3. Why measure the DNS? • DNS translates from the human world to the machine world (and also helps in machine-to-machine interaction) • (Almost) every networked service relies on the DNS • Consequently, measuring what is in the DNS tells a story about the evolution of the Internet and its protocols

  4. Hasn't someone tried this before? • You may be familiar with passive DNS (popular in the security community) • Has two downsides : 1. Only sees what clients ask for (and is thus biased !) 2. No control over query timing, so unsuitable for time series

  5. How we measure • OpenINTEL performs an active measurement , sending a fixed set of queries for all covered domains once every 24 hours • We do this at scale , covering over 216 million domains per day: • gTLDs: .com, .net, .org, .info, .mobi, .aero, .asia, .name, .biz, .gov + almost 1200 "new" gTLDs (.xxx, .xyz, .amsterdam, .berlin, ...) • ccTLDs: .nl, .se, .nu, .ca, .fi, .at, .dk, .ru, .рф, .us, <your ccTLD here?>

  6. Grab your bingo cards folks! • On the next slide, I am going to call this: (a) A blockchain (c) Big data (b) "Agile" and "lean" (d) Cyber!!!

  7. Big data? Big data! • Calling your research big data is all the rage -- research funders love it! • So would our work qualify as big data? • One human genome is about 3 ⋅ 10 9 DNA base pairs • We collect over 2.3 ⋅ 10 9 DNS records each day (about 3 / 4 of a human) • Since February 2015 we collected over 3.1 ⋅ 10 12 results (3.1 trillion ) or: over 1047 human genomes (I bet there's fewer people in this room)

  8. We think we measure responsibly inet6num: xxxx:xxx:xxxx::/48 netname: UTwente-OpenINTEL descr: University of Twente • We have clearly marked the descr: Faculty EEMCS/DACS descr: OpenINTEL Active DNS Measurements address space from which we descr: See http://www.openintel.nl/ for more information measure (including reverse country: NL admin-c: RVR180-RIPE DNS ) tech-c: RVR180-RIPE status: ALLOCATED-BY-LIR mnt-by: SN-LIR-MNT • We have reached out to large mnt-irt: irt-SURFcert created: 2018-06-26T08:53:10Z last-modified: 2018-06-26T08:53:10Z operators in our datasets source: RIPE • Very few complaints received (less than 5 since February 2015)

  9. What can we do with all this data? • We will illustrate the use of OpenINTEL with three examples : • Example 1: DNSSEC operational practices • Example 2: Improving DNS resilience • Example 3: The stupidest thing you can put in a TXT record

  10. Example 1: DNSSEC • (Hopefully) it is well known that .nl and .se have a high level of DNSSEC deployment, due to financial incentives • ( Small ) financial incentives economically only benefit large DNS operators • We hypothesised that the incentives would encourage deployment en masse but that deployments would not necessarily follow security best practices

  11. Just 14 operators Just 3 operators responsible for responsible for .nl .se over 80% of over 80% of signed domains signed domains

  12. Example 1: DNSSEC • We checked DNSSEC practices against guidelines from NIST • Result: operators use (too) small ZSKs (1024-bit) they never roll • Similar results for all large operators in .se and .nl

  13. Example 1: DNSSEC • Impact: IIS (.se operator) decided to change their incentive policy and set explicit security requirements . This is already having an effect!

  14. Example 2: DNS resilience • The attack on Dyn in 2016 shows the risk of sharing DNS infrastructure • Data from OpenINTEL shows that many key customers switched to using two DNS providers

  15. Example 2: DNS resilience • Recently started a collaborative project on DNS resilience against DDoS attacks called " MADDVIPR " • Collaboration between UTwente (NL) and CAIDA/UCSD (US) • Makes extensive use of OpenINTEL to map points of failure, e.g.: • Parent/child delegation • Shared infrastructure mismatches • Topological bottlenecks • Parent/child delegation TTL mismatches

  16. Example 2: DNS resilience • We are currently studying parent/child delegation TTL mismatches • These impact resilience under DDoS (time to change) and how long a DNS hijack lingers

  17. Example 2: DNS resilience • Topological diversity is important .com to protect against denial-of- service • Vast majority of .com domains has name servers located in a single AS .nl • For .nl almost half of domains have name servers in at least two AS-es

  18. Example 2: DNS resilience • Majority of . com and .nl have name .com servers in multiple prefixes , yet 15% only have name servers in a single prefix (IPv4) • Student project: use RIPE Atlas to check if name servers share a .nl location (using speed-of-light triangulation)

  19. Example 3: put it in a TXT record • In TXT records we find: • HTML snippets Studying these • JavaScript closely, as they • Windows Powershell code appear (partly) • Other scripting languages (bash, python, ...) malicious • PEM-encoded X.509 certificates • Snippets of DNS zone files • … (you literally can’t make this stuff up)

  20. Hanlon's maxim “Never attribute to malice, that which can adequately be explained by stupidity”

  21. Drum roll...

  22. And the winner is... -----BEGIN RSA PRIVATE KEY----- MIICXwIBAAKBgQC36kRNc5OwG3uDlRy0OxU+9X5LYlhdj0D+ax6BiC27W7iweVwf wupxsMvLBhhgegptc5tqb1puXPkCxA6aHwhToFtKSEy4fIWTjWoRthy07SSLsFAC koXP++JxZ7bIakqdj5wAyIJ53zSJu7wKImH1Eha7+Myip9LG8HPfsZtY3wIDAQAB ... <— I left this part out... -----END RSA PRIVATE KEY----- • Why, oh why, oh why… • And this is just one example, we’ve seen quite a few of these. • What on Earth are these people doing?!

  23. And the winner is... -----BEGIN RSA PRIVATE KEY----- MIICXwIBAAKBgQC36kRNc5OwG3uDlRy0OxU+9X5LYlhdj0D+ax6BiC27W7iweVwf wupxsMvLBhhgegptc5tqb1puXPkCxA6aHwhToFtKSEy4fIWTjWoRthy07SSLsFAC koXP++JxZ7bIakqdj5wAyIJ53zSJu7wKImH1Eha7+Myip9LG8HPfsZtY3wIDAQAB ... <— I left this part out... -----END RSA PRIVATE KEY----- MATCH!!! • Why, oh why, oh why… oh wait, someone's trying to configure DKIM --- D'oh! <redacteddomain.tld> IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC36kRNc5OwG3uDlRy0OxU+9X 5LYlhdj0D+ax6BiC27W7iweVwfwupxsMvLBhhgegptc5tqb1puXPkCxA6aHwhToFtKSEy4fI WTjWoRthy07SSLsFACkoXP+JxZ7bIakqdj5wAyIJ53zSJu7wKImH1Eha7+Myip9LG8HPfsZt Y3wIDAQAB"

  24. Future of the project • Short term challenges: • Ensure robust data archival • Expand the number of ccTLD s we cover ← can you help us? • Long term goals: • Be the "long-term memory" of the DNS -- if someone in 2025 wants to know what DNS looked like in 2015, we have the answer • Have real-world impact , by improving the performance, resilience and security of the DNS

  25. Questions? Thank you for your attention! Visit our webpage for more information: https://openintel.nl/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Creating a long-term memory for the global DNS Mattijs Jonker Introduction Almost fjve

Creating a long-term memory for the global DNS Mattijs Jonker Introduction Almost fjve

Creating a long-term memory for the global DNS Mattijs Jonker Introduction Almost fjve years ago, we started with an idea: Can we measure (large parts) of the global DNS on a daily basis? In this talk, I will discuss:

407 views • 11 slides
Long-Term Memory Introduction STM versus LTM Episodic Memory Semantic Memory

Long-Term Memory Introduction STM versus LTM Episodic Memory Semantic Memory

3/16/17 Long-Term Memory Introduction STM versus LTM Episodic Memory Semantic Memory Procedural Memory Encoding in Long-Term Memory Depth of Processing (or Levels of Processing) Self Reference Effect

863 views • 19 slides
Memory Memory processing is the ability to: Acquire (Short term memory) Manipulate

Memory Memory processing is the ability to: Acquire (Short term memory) Manipulate

Memory Memory processing is the ability to: Acquire (Short term memory) Manipulate (Working memory) Retain (Long term memory) Memory Retrieve (Long term memory) processing A difficulty with any one or more of these skills

361 views • 6 slides
F e b r u a r y 2 0 1 9 The Strategy Focus on creating long-term shareholder value by

F e b r u a r y 2 0 1 9 The Strategy Focus on creating long-term shareholder value by

F e b r u a r y 2 0 1 9 The Strategy Focus on creating long-term shareholder value by continually developing our early stage/low cost/high rate of return waterflood oil assets Maximize Oil Recovery Develop pools with horizontal wells drilled

358 views • 15 slides
7. Long- Term Memory Event Cognition Presented by Eun-Sol Kim Index Levels of

7. Long- Term Memory Event Cognition Presented by Eun-Sol Kim Index Levels of

7. Long- Term Memory Event Cognition Presented by Eun-Sol Kim Index Levels of Representation Prior Knowledge Schemas and Scripts Memory Impairment Loss of Long-Term Event Model Access Loss of Access to Event

260 views • 12 slides
An Introduction to Neural Networks Long Short Term Memory (LSTM) and the Attention mechanism Ange

An Introduction to Neural Networks Long Short Term Memory (LSTM) and the Attention mechanism Ange

An Introduction to Neural Networks Long Short Term Memory (LSTM) and the Attention mechanism Ange Tato Universit du Qubec Montral Montreal, Canada Agenda v Recurrent Neural Network (RNN) v Long Short Term Memory (LSTM) v

506 views • 27 slides
1 Brenda Milner 1918 There are Two Major Forms of Long Term Memory Explicit (Declarative)

1 Brenda Milner 1918 There are Two Major Forms of Long Term Memory Explicit (Declarative)

The Study of Memory Has Two Parts: Cellular Mechanisms of Learning (1) The Systems Problem of Memory: Where in the brain is memory stored? and the Biological Basis of Individuality (2) The Molecular Problem of Memory: How is memory stored at

536 views • 8 slides
Long- -Term Changes in Global Term Changes in Global Long Sea Level Sea Level Craig S.

Long- -Term Changes in Global Term Changes in Global Long Sea Level Sea Level Craig S.

Public Policy Forum Public Policy Forum 10 March 2010 10 March 2010 Long- -Term Changes in Global Term Changes in Global Long Sea Level Sea Level Craig S. Fulthorpe Craig S. Fulthorpe University of Texas Institute for Geophysics

108 views • 7 slides
Chapter 3 - Cognition Types of human memory Short term memory and cognitive processes

Chapter 3 - Cognition Types of human memory Short term memory and cognitive processes

Chapter 3 - Cognition Types of human memory Short term memory and cognitive processes Long term memory Learning Unlearning Attention Cognitive load Working memory load Multitasking Measurement of

710 views • 32 slides
Long/Short-Term Memory Mark Hasegawa-Johnson All content CC-SA 4.0 unless otherwise specified.

Long/Short-Term Memory Mark Hasegawa-Johnson All content CC-SA 4.0 unless otherwise specified.

Review Vanishing Gradient Example RNN Forget Gate LSTM Backprop Conclusion Long/Short-Term Memory Mark Hasegawa-Johnson All content CC-SA 4.0 unless otherwise specified. University of Illinois ECE 417: Multimedia Signal Processing, Fall

970 views • 55 slides
Creating long-term value through health engagement Bruce D. Broussard President &amp; Chief

Creating long-term value through health engagement Bruce D. Broussard President &amp; Chief

Creating long-term value through health engagement Bruce D. Broussard President &amp; Chief Executive Officer Humana Inc. CECP - Strategic Investor Initiative February 27, 2017 Cautionary statement This presentation includes forward-looking

206 views • 19 slides
Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships

Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships

Phillip Kevin Lane Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships Discussion Questions 1. What are customer value, satisfaction, and loyalty, and how can companies deliver them? 2. What is the lifetime

2.16k views • 43 slides
Improved Semantic Representations From Tree-Structured Long Short-Term Memory Networks by Kai

Improved Semantic Representations From Tree-Structured Long Short-Term Memory Networks by Kai

Improved Semantic Representations From Tree-Structured Long Short-Term Memory Networks by Kai Sheng Tai, Richard Socher, Christopher D. Manning Daniel Perez tuvistavie CTO @ Claude Tech M2 @ The University of Tokyo October 2, 2017

546 views • 22 slides
Lo Long-short term memory (L (LSTM) Jeong Min Lee CS3750, University of Pittsburgh Outline

Lo Long-short term memory (L (LSTM) Jeong Min Lee CS3750, University of Pittsburgh Outline

3/3/2020 Recurrent neural networks and Lo Long-short term memory (L (LSTM) Jeong Min Lee CS3750, University of Pittsburgh Outline RNN RNN Unfolding Computational Graph Backpropagation and weight update Explode / Vanishing

760 views • 35 slides
Oyu Tolgoi:Creating long-term value at worlds best developing copper project Turquoise

Oyu Tolgoi:Creating long-term value at worlds best developing copper project Turquoise

TD Securities Mining Conference JANUARY 18-19, 2017 Oyu Tolgoi:Creating long-term value at worlds best developing copper project Turquoise Hills investment thesis Oyu Tolgoi expected to be worlds third-largest copper mine with

395 views • 20 slides
Memory and Recall: Sticky Revision for Tricky Exams! Our Aim: Teach students things so that

Memory and Recall: Sticky Revision for Tricky Exams! Our Aim: Teach students things so that

Memory and Recall: Sticky Revision for Tricky Exams! Our Aim: Teach students things so that they remember them FOREVER . Develop student skill so they can APPLY knowledge independently. ? Short Term Memory Long Term Memory (Working

993 views • 53 slides
* * ' ' - - m m ~ ~ # # . . 3 3 0 0 *IJ 5R *IJ 5R t t - - ; ; I I 1 1

* * ' ' - - m m ~ ~ # # . . 3 3 0 0 *IJ 5R *IJ 5R t t - - ; ; I I 1 1

~ ~ ~ ~ Wu, Yongan. &quot;Integrating Mixed-Sensory Mode Presentation and Practice Testing at the Beginning Level Chinese Vocabulary Instruction.&quot; Proceedings of the 11th International Conference on Chinese Language Pedagogy. Eds. S.

517 views • 12 slides
Instructional Strategies for Meeting the Needs of SWD and their Deficits February 25-27, 2019

Instructional Strategies for Meeting the Needs of SWD and their Deficits February 25-27, 2019

Instructional Strategies for Meeting the Needs of SWD and their Deficits February 25-27, 2019 Dr. Deshonda Stringer Mary McArthur School Improvement Specialist School Improvement Specialist Deshonda.Stringer@mresa.org

460 views • 24 slides
Retracing the Rational Analysis of Memory Justin Li Computer Science and Engineering University

Retracing the Rational Analysis of Memory Justin Li Computer Science and Engineering University

Retracing the Rational Analysis of Memory Justin Li Computer Science and Engineering University of Michigan justinnh@umich.edu 2014-06-19 Introduction Problem Models Summary , What is this talk about? Goal: (re)examine and formalize

493 views • 23 slides
Veteran Challenges in Academia Introduction Challenges Statistics 55,739 Veterans in ND

Veteran Challenges in Academia Introduction Challenges Statistics 55,739 Veterans in ND

Veteran Challenges in Academia Introduction Challenges Statistics 55,739 Veterans in ND 6,415 Veterans in Ward County 237 Minot State Veteran Students (Spring 2015) Veteran homeless rate decreased 17.2% from 2009- 2012, still

442 views • 21 slides
flmtss-day3.wikispaces.com Adhere to 0me-ordered agenda Please go

flmtss-day3.wikispaces.com Adhere to 0me-ordered agenda Please go

Day 3 Problem Solving Intensive Intervention Needs Norms Intensive Interven0on Value everyones input/ exper0se/strengths Day 3 Remain Posi0ve Be Learning Focused

373 views • 14 slides
MATTAPAN GROUP HOME REDESIGN Project Team Advisors Nadia Rachel Dak Kopec Adrienne Jones

MATTAPAN GROUP HOME REDESIGN Project Team Advisors Nadia Rachel Dak Kopec Adrienne Jones

MATTAPAN GROUP HOME REDESIGN Project Team Advisors Nadia Rachel Dak Kopec Adrienne Jones Patricia Swenson Janet Roche D E S I G N F O R H U M A N H E A LT H PROCESS Problem Client Input Needs Finalized project INPUTS Site Visit

456 views • 42 slides
Chemo Brain What is it, really? Presented by Debra Arrowood, MS CCC-SLP Speech and

Chemo Brain What is it, really? Presented by Debra Arrowood, MS CCC-SLP Speech and

Chemo Brain What is it, really? Presented by Debra Arrowood, MS CCC-SLP Speech and Language Pathologist Aurora Medical Center Manitowoc County What is it? A term used to describe cognitive deficits that occur during or after cancer

477 views • 32 slides
Using Fast Weights to Attend to the Recent Past Jimmy Ba Geoffrey Hinton University of Toronto

Using Fast Weights to Attend to the Recent Past Jimmy Ba Geoffrey Hinton University of Toronto

Using Fast Weights to Attend to the Recent Past Jimmy Ba Geoffrey Hinton University of Toronto University of Toronto and Google Brain jimmy@psi.toronto.edu geoffhinton@google.com Volodymyr Mnih Joel Z. Leibo Catalin Ionescu Google DeepMind

133 views • 9 slides

More recommend