Abstract
The current landscape of the core Internet technologies shows considerable centralisation with the big tech companies controlling the vast majority of traffic and services. This situation has sparked a wide range of decentralisation initiatives with blockchain technology being among the most prominent and successful innovations. At the same time, over the past years there have been considerable attempts to address the security and privacy issues affecting the Domain Name System (DNS). To this end, it is claimed that Blockchain-based DNS may solve many of the limitations of traditional DNS. However, such an alternative comes with its own security concerns and issues, as any introduction and adoption of a new technology typically does - let alone a disruptive one. In this work we present the emerging threat landscape of blockchain-based DNS and we empirically validate the threats with real-world data. Specifically, we explore a part of the blockchain DNS ecosystem in terms of the browser extensions using such technologies, the chain itself (Namecoin and Emercoin), the domains, and users who have been registered in these platforms. Our findings reveal several potential domain extortion attempts and possible phishing schemes. Finally, we suggest countermeasures to address the identified threats, and we identify emerging research themes.
Highlights
One could argue that there is a periodic paradigm bounce between centralisation and decentralisation in computer science
Gourley and Tewari [20] proposed the use of blockchain to enhance the certificate validation procedure to create an improved Domain Name System (DNS) security extension, providing the same benefits with DNSSEC while overcoming its main drawbacks
Despite the restrictions imposed by the registrar procedure and the data structure template to be added in the blockchain as well as the deviant behaviour of some users, we found some relevant statistics that showcase the potential of Namecoin as a platform to impulse illicit activities
Summary
One could argue that there is a periodic paradigm bounce between centralisation and decentralisation in computer science. Only up until recently, the adoption of distributed DNS is progressively gaining ground [5], mainly due to the inherent features of blockchain technology, such as immutability, verifiability, and trust. The authors discuss the benefits of such a system over the main threats and drawbacks of traditional models such as compromised hosts, spoofing, trust management, and its heavy dependence on PKIs. Benshoof et al [18] proposed a system named D3NS, which uses a distributed hash table and a domain name ownership implementation based on the Bitcoin blockchain. Benshoof et al [18] proposed a system named D3NS, which uses a distributed hash table and a domain name ownership implementation based on the Bitcoin blockchain They aim to replace the top-level DNS and certificate authorities, offering increased scalability, security and robustness. BlockZone, of Wang et al [22], uses a replicated network of nodes to offer efficient name resolution through an improved Practical Byzantine Fault Tolerance (PBFT) consensus mechanism
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
