Measuring Adoption of DNS Security Mechanisms with Cross-Sectional Approach

Masanori Yajima, Daiki Chiba, Yoshiro Yoneya, Tatsuya Mori

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The threat of attacks targeting a DNS, such as DNS cache poisoning attacks and DNS amplification attacks, continues unabated. In addition, attacks that exploit the difficulty in deter-mining the authenticity of domain names, such as phishing sites and fraudulent emails, continue to be a significant threat. Various DNS security mechanisms have been proposed, standardized, and implemented as effective countermeasures against DNS-related attacks. However, it is not clear how widespread these security mechanisms are in the DNS ecosystem and how effectively they work in the wild. With this background, this study targets the major DNS security mechanisms deployed for the DNS name servers, DNSSEC, DNS Cookies, CAA, SPF, DMARC, MTA-STS, DANE, and TLSRPT, and a large-scale measurement analysis of their deployment is conducted. Our results quantitatively reveal that, as of 2021, the adoption rate of most DNS security mechanisms, except SPF, remains low, and the adoption rate is lower for mechanisms that are more difficult to configure. These findings suggest the importance of developing easy-to-deploy tools to promote the adoption of security mechanisms.

Original languageEnglish
Title of host publication2021 IEEE Global Communications Conference, GLOBECOM 2021 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728181042
DOIs
Publication statusPublished - 2021
Event2021 IEEE Global Communications Conference, GLOBECOM 2021 - Madrid, Spain
Duration: 2021 Dec 72021 Dec 11

Publication series

Name2021 IEEE Global Communications Conference, GLOBECOM 2021 - Proceedings

Conference

Conference2021 IEEE Global Communications Conference, GLOBECOM 2021
Country/TerritorySpain
CityMadrid
Period21/12/721/12/11

Keywords

  • DNS Security
  • Measurement

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Health Informatics

Fingerprint

Dive into the research topics of 'Measuring Adoption of DNS Security Mechanisms with Cross-Sectional Approach'. Together they form a unique fingerprint.

Cite this