A Proxy View of Quality of Domain Name Service

Author

Yuan, Lihua ; Kant, Krishna ; Mohapatra, Prasant ; Chuah, Chen-Nee

Author_Institution

UC, Davis

fYear

2007

fDate

6-12 May 2007

Firstpage

321

Lastpage

329

Abstract

The domain name system (DNS) provides a critical service for the Internet -mapping of user-friendly domain names to their respective IP addresses. Yet, there is no standard set of metrics quantifying the quality of domain name service or QoDNS, let alone a thorough evaluation of it. This paper attempts to fill this gap from the perspective of a DNS proxy/cache, which is the bridge between clients and authoritative servers. We present an analytical model of DNS proxy operations that offers insights into the design tradeoffs of DNS infrastructure and the selection of critical DNS parameters. After validating our model against simulation results, we extend it to study the impact of DNS cache poisoning attacks and evaluate various DNS proposals with respect to the QoDNS metrics. In particular, we compare the performance of two newly proposed DNS security solutions: one based on cryptography and one using collaborative overlays.

Keywords

Internet; cache storage; client-server systems; cryptography; quality of service; telecommunication security; DNS cache poisoning attacks; DNS infrastructure design tradeoffs; DNS proxy operations; DNS security solutions; Internet; QoDNS metrics; client-server system; collaborative overlays; cryptography; domain name service quality; domain name system; Analytical models; Communications Society; Computer crime; Cryptography; Delay; Domain Name System; Peer to peer computing; Public key; Security; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

INFOCOM 2007. 26th IEEE International Conference on Computer Communications. IEEE

Conference_Location

Anchorage, AK

ISSN

0743-166X

Print_ISBN

1-4244-1047-9

Type

conf

DOI

10.1109/INFCOM.2007.45

Filename

4215627