Abstract
DNS plays an important role on the Internet. The addressing of most applications depends on the proper operation of DNS. The root servers and the top-level domain servers are relied upon by many domains on the Internet, and their security affects the whole Internet. As a result, more attention has been paid to the security of servers at these two levels. However, the security of second-level domains and their servers also needs to be brought to the forefront. This paper focuses on showing the complex resolving dependencies and identifying influential name servers for second-level domains. We start by detecting domain name resolution paths and building up a name dependency graph. Then we construct domain name resolution networks of different numbers and sizes, which are connected by a certain number of domain name resolution graphs. On this basis, the network is analyzed from the perspective of complex network analysis, and a multi-indicator node importance evaluation method based on partial order is proposed to identify the influential name servers of the network. If these name servers are misconfigured and fail, or are compromised by DDoS attacks, resolution will fail for a wide range of domain names.
Highlights
The domain name system (DNS) provides address resolution for most kinds of Internet applications: it translates the easier-to-remember domain name into the actual identifier of a host on the Internet, its IP address, and vice versa.
There is another kind of local DNS server, which is equivalent to a proxy.
Since we are mainly concerned with the resolution status below the top-level domain (TLD), the root and TLD servers are removed from the resolution path data.
Summary
According to the requirements of the DNS protocol specification [3, 4], most SLD administrators configure multiple name servers for a domain zone to improve the performance of domain name resolution, and distribute the servers across different regions to increase its reliability. Analysis of these resolution dependencies shows that some SLD authoritative name servers (hereinafter referred to as name servers) provide resolution services for hundreds of domain names. To identify influential SLD name servers, a domain name resolution network (DNRN) is built from real data on a large number of domain name resolution paths. The DNRN represents the complex connections among many domain names on the resolution path, and is used to identify influential key domains and SLD name servers among the SLDs of DNS.
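The following sketch is an added example, not code from the paper: it shows how an operator could turn resolution paths into a name dependency graph, drop the root and TLD hops, and group shared name servers by influence so that single points of failure stand out. The sample paths, the two indicators, and the Pareto-layer ranking are assumptions chosen for illustration and stand in for the paper's own indicators and partial-order method, which this page does not spell out.

```python
from collections import defaultdict

# Constructed sample input: (domain, servers queried in order along one resolution path).
ROOT_AND_TLD = {"root-a.example", "tld-a.example"}  # assumed known; stripped from every path
PATHS = [
    ("shop.example", ["root-a.example", "tld-a.example", "ns1.hostco.example"]),
    ("shop.example", ["root-a.example", "tld-a.example", "ns2.hostco.example"]),
    ("blog.example", ["root-a.example", "tld-a.example", "ns1.hostco.example"]),
    ("mail.example", ["root-a.example", "tld-a.example", "ns1.hostco.example"]),
    ("mail.example", ["root-a.example", "tld-a.example", "ns1.mail.example"]),
    ("wiki.example", ["root-a.example", "tld-a.example", "ns2.hostco.example"]),
    ("wiki.example", ["root-a.example", "tld-a.example", "ns1.wiki.example"]),
    ("bank.example", ["root-a.example", "tld-a.example", "ns.solo.example"]),
    ("pay.example",  ["root-a.example", "tld-a.example", "ns.solo.example"]),
]

def build_graph(paths):
    """Return (domain -> name servers, name server -> domains) below the TLD level."""
    servers_of, domains_of = defaultdict(set), defaultdict(set)
    for domain, hops in paths:
        for ns in hops:
            if ns not in ROOT_AND_TLD:
                servers_of[domain].add(ns)
                domains_of[ns].add(domain)
    return servers_of, domains_of

def failed_domains(servers_of, down):
    """Domains left with no reachable name server when every server in `down` fails."""
    return {d for d, ns in servers_of.items() if ns <= set(down)}

def indicators(servers_of, domains_of):
    """Per server: (domains served, domains that fail if this server alone fails)."""
    return {ns: (len(doms), len(failed_domains(servers_of, {ns})))
            for ns, doms in domains_of.items()}

def pareto_layers(scores):
    """Peel off non-dominated servers repeatedly; layer 0 is the most influential."""
    def dominates(a, b):
        return all(x >= y for x, y in zip(a, b)) and a != b
    remaining, layers = dict(scores), []
    while remaining:
        front = {n for n, s in remaining.items()
                 if not any(dominates(t, s) for t in remaining.values())}
        layers.append(sorted(front))
        for n in front:
            del remaining[n]
    return layers

if __name__ == "__main__":
    servers_of, domains_of = build_graph(PATHS)
    for i, layer in enumerate(pareto_layers(indicators(servers_of, domains_of))):
        print(i, layer)
```

Servers in the same layer are incomparable under the partial order: one serves more domains, the other is the sole server for more domains, so neither is ranked above the other.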