Detecting DNS Root Manipulation

4 years 3 months ago
Detecting DNS Root Manipulation
We present techniques for detecting unauthorized DNS root servers in the Internet using primarily endpoint-based measurements from RIPE Atlas, supplemented with BGP routing announcements from RouteViews and RIPE RIS. The first approach analyzes the latency to the root server and the second approach looks for route hijacks. We demonstrate the importance and validity of these techniques by measuring the only root server (“B”) not widely distributed using anycast. Our measurements establish the presence of several DNS proxies and a DNS root mirror.
Ben Jones, Nick Feamster, Vern Paxson, Nicholas We
Added 08 Apr 2016
Updated 08 Apr 2016
Type Journal
Year 2016
Where PAM
Authors Ben Jones, Nick Feamster, Vern Paxson, Nicholas Weaver, Mark Allman
Comments (0)