Paper Presentation CAP 6135 Outline Review - DNS Proposed Solution Simulation Results / Evaluation Discussion Page 2 Domain Name System - DNS
DNS is a name resolution service which resolves host names into IP address DNS is a distributed database application with a hierarchical structure DNS Benefits Convenience: names are easier to remember Consistency: IP address can change but server names can remain constant Simplicity: One naming convention
Page 3 Domain Name System - DNS Key Components of DNS DNS name space Name servers DNS Zones Resource Records Page 4
DNS Namespace Page 5 Step 1: Your PC sends a resolution request to its configured DNS Server, typically at your ISP. Your PC ISP Recursive DNS server
Tell me the Address of www.google.com Page 6 Step 2: Your ISPs recursive name server starts by asking one of the root servers predefined in its hints file. Tell me the Address of www.google.com ISP Recursive DNS server
Root Servers I dont know the address but I know whos authoritative for the com domain ask them Page 7 Step 3: Your ISPs recursive name server then asks one of the com name servers as directed. Tell me the Address of
www.google.com ISP Recursive DNS server com DNS servers I dont know the address but I know whos authoritative for the google.com domain ask them Page 8 Step 4: Your ISPs recursive name server
then asks one of the google.com name servers as directed. Tell me the Address of www.google.com ISP Recursive DNS server google.com DNS server The Address of www.google.com is 126.96.36.199
Page 9 Step 5: ISP DNS server then send the answer back to your PC. The DNS server will remember the answer for a period of time. Your PC ISP Recursive DNS server The Address of www.google.com is 188.8.131.52 Page 10
Step 6: Your PC can then make the actual HTTP request to the web server. Send me the www.google.com.au web page Your PC www.google.com web server Here it is!
Page 11 Summary WEB (HTTP) Request root DNS servers google.com.au Web Server 6 1
3 5 Your PC ISP Recursive DNS server The actual web request com DNS servers DNS requests
DNS google.com DNS server Page 12 Caching Huge volume of request DNS resolution process allows for caching for a given period of time after a successful answer Determined by a value called the time to live (TTL) TTL is set by the administrator of the DNS server
Page 13 Summary Caching WEB (HTTP) Request root DNS servers google.com.au Web Server
6 1 3 5 Your PC ISP Recursive DNS server The actual web request com DNS servers
DNS requests DNS google.com DNS server Page 14 Proposed Solution DNS resolvers cache responses to improve lookup performance and reduce lookup overhead A resolver can use cached responses upto the time-to-live
(TTL) value associated with the response Modify resolvers - do not expunge cached records with TTL value expired Expired records evicted from cache and stored stale cache Resolvers use stale cache to answer queries for unavailable zone Allows the resolution process to continue Page 15 Proposed Solution
Page 16 Proposed Solution Page 17 Evaluation DNS traffic Cornell Computer Science Dept Internet
~1300 hosts 65 days 84,580,513 DNS queries 53,848,115 DNS responses 4,478,731 unique names Stale cache size: 1 to 30 days Attack duration: 3, 6, 12 and 24 hours. Page 18
Fraction of Queries Answered Page 19 Fraction of Accurate Records in responses Page 20 Fraction of Queries (for two-level names) Answered and Accurate Records Page 21
Fraction of Queries (for three-level names) Answered and Accurate Records Page 22 Stale cache memory footprint Page 23 Discussion
Pros DNS Robustness Simplicity. Does not change the basic protocol operation and infrastructure Does not impose any load on DNS Does not impact the latency of query resolution
Incremental Deployment Motivation for Deployment Page 24 Discussion Objections DNS caching semantics and the possibility of inaccurate information being used Autonomy for zone operators
Attackers attempting to force the use of inaccurate information Resolution latency in the face of an attack Page 25 References Mitigating DNS DoS Attacks, Hitesh Ballani, Paul Francis, CCS 2008 Wikipedia Amplified DNS DDoS Attacks and Mitigation, www.cert-in.org.in
transcoelomic . through the peritoneal cavity. Grading of the tumor: Is based on the histological examination of . the degree of differentiation of the tumor cells & mitotic index (well, moderatelyor poorly differentiated) Staging of the tumor: Is an estimation...
Stained with Giemsa or Wright. Results in banding pattern unique to each chromosome. Karyotype. Count the chromosomes in each cell. Technologist at a microscope. Must analyze . 15-20 cells . to get karyotype. Photograph of karyogram or computer-assisted imaging.
Tahoma Arial Wingdings Calibri Curtain Call 1_Curtain Call Responding to Distressed Students Slide 2 Slide 3 Slide 4 Slide 5 Slide 6 Slide 7 Slide 8 We encourage you to speak directly to students when you sense that they are...
What parts of the OREO do you see in this persuasive paragraph? When you plan your next vacation, be sure to remember that the beach is your best choice. There are so many different things you can do at the...
Lifespan Development Physical and Cognitive Development in Middle Childhood 6 - 12 Chapter 9 Physical Changes Rate: Gender Differences Fine Motor Skills Growth Spurts in the Brain 6 - 8 10 - 12 Physical Changes (cont.) Neurological Development Selective Attention...
BRAIN. Reviewing Essential Concepts and Skills in Language Arts. The purpose of this unit is to twofold. First, we must refresh our brains by reviewing the standards in Literature, Informational Texts, Writing, and Language.
Fossil Fuels. Fossil fuels are energy-rich substances formed from the remains of organisms. Coal, Oil, and natural gas. Fossil fuels are made of hydrocarbons - chains of hydrogen and carbon. Combustion of fossil fuels provides more energy per kg than...
Ready to download the document? Go ahead and hit continue!