comments on dns robustness
play

Comments on DNS Robustness Mark Allman Reformed IETF Native - PowerPoint PPT Presentation

Nov 21, 2023 •146 likes •413 views

Comments on DNS Robustness Mark Allman Reformed IETF Native Applied Networking Research Workshop July 2018 Been away so long I hardly knew the place, Gee, it's good to be back home Observation #1 Allman 2 Observation #2 1.6 SLDs

  1. Comments on DNS Robustness Mark Allman Reformed IETF Native Applied Networking Research Workshop July 2018 ”Been away so long I hardly knew the place, Gee, it's good to be back home”

  2. Observation #1 Allman 2

  3. Observation #2 1.6 SLDs 1.5 1.4 Growth Rate 1.3 1.2 1.1 1 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Allman 3

  4. Observation #2 1.6 A RRs SLDs 1.5 1.4 Growth Rate 1.3 1.2 1.1 1 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Allman 4

  5. How Robust Is DNS? • “Good Enough” 
 • But, … um … ahem … 
 1.6 A RRs SLDs 1.5 1.4 Growth Rate 1.3 1.2 1.1 1 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Allman 5

  6. How Robust Is DNS? • What do we mean by “robust”? • many dimensions • our focus: • always able to communicate with an auth server holding the DNS record we seek Allman 6

  7. DNS Robustness root .org .com .edu .case.edu .icir.org .eff.org .cnn.com .ebay.com .berkeley.edu .icsi.berkeley.edu git.icir.org imaphost.icsi.berkeley.edu 7

  8. DNS Robustness root .org .com .edu .case.edu .icir.org .eff.org .cnn.com .ebay.com .berkeley.edu •Community infrastructure .icsi.berkeley.edu git.icir.org •Many named replicas 
 e.g., a-root, b-root, etc. imaphost.icsi.berkeley.edu •Many unnamed replicas 
 i.e., via anycast routing 8

  9. DNS Robustness root .org .com .edu .case.edu .icir.org .eff.org .cnn.com .ebay.com .berkeley.edu •Few named replicas 
 .icsi.berkeley.edu git.icir.org ~80% of SLDs have <= 2 named auth servers •Unknown / variable use of anycast replicas imaphost.icsi.berkeley.edu •Myriad operators / policies 9

  10. How Robust Is DNS? • Let’s measure some facets of the system at the SLD level that bear on robustness Allman 10

  11. Datasets .com zone file Alexa .net zone file Top 1M .org zone file Once / Month Winnowed Zone File Apr 09 - Apr 18 Data courtesy of Verisign, Alexa, Emile Aben (RIPE) and Quirin Scheitle (TUM) Allman 11

  12. Robustness Specifications • RFC 1034: must have multiple authoritative nameservers for robustness • RFC 2182: authoritative nameservers must be geographically and topologically diverse Allman 12

  13. What Is Network Diversity? • We start cheap & conservative: • use /24 address blocks to define diversity • two addresses in one /24: no diversity • two addresses in two /24s: diversity 
 (but, really, who knows?!) • Future work includes using historical routing data Allman 13

  14. Spec. vs. Reality = Min 55 50 45 Percentage of SLDs 40 35 30 25 20 15 10 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Allman 14

  15. Spec. vs. Reality = Min > Min 55 50 45 Percentage of SLDs 40 35 30 25 20 15 10 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Allman 15

  16. Spec. vs. Reality = Min < Min > Min 55 50 45 Percentage of SLDs 40 Upper Bound 35 30 25 20 15 Lower Bound 10 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Allman 16

  17. Shared Infrastructure root .org .com .edu .case.edu .icir.org .eff.org .cnn.com .ebay.com .berkeley.edu .icsi.berkeley.edu git.icir.org imaphost.icsi.berkeley.edu 17

  18. Shared Infrastructure root •Different parts of the tree, but rely on same auth servers .org .com .edu .case.edu .icir.org .eff.org .cnn.com .ebay.com .berkeley.edu .icsi.berkeley.edu git.icir.org imaphost.icsi.berkeley.edu 18

  19. Shared Infrastructure • Hierarchy belies much concentration • Concentration compounds issues • Perhaps concentration invites trouble 19

  20. Nameserver-Level Analysis • For each SLD, determine the number of other SLDs that use the same set of nameservers (by IP address) • Repeat for each month in dataset 20

  21. Nameserver-Level Analysis 100000 Number of Overlapping SLDs 10000 Distributions are fairly Maximum 9-10K SLDs share the 1000 stable across time. Median same set of nameservers. 100 Half the SLDs share the same nameservers 10 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 as > 100 other SLDs. 21

  22. Network-Level Analysis • For each SLD determine the number of other SLDs whose nameservers fall within the same 
 /24 address blocks • Repeat for each month in dataset 22

  23. Network-Level Analysis 100000 2x Number of Overlapping SLDs 10000 Half the SLDs are in groups with > 3K other SLDs 25x Maximum 1000 Median 100 Nameserver concentration is increasing over time. 10 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 23

  24. Top 10 SLD Groups Rank Num. SLDs Num. /24s Same Last Hop ✓ 1 71,472 2 2 2 69,637 ✓ 3 15,421 2 ✓ 4 13,044 2 5 2 8,347 ✓ 6 6,111 2 ✗ 7 5,568 3 8 2 5,076 9 4,788 2 10 4,611 4 Total 23 204,075 > 20% of the popular SLDs > 20% of the popular SLDs fall within 23 /24 blocks! rely on 19 edge networks! 24

  25. Conclusions • DNS sky is not falling • But, we have some unhealthy habits … • too little auth server replication • too much auth server concentration • Note: concentration is not wholly bad 25

  26. Questions? Comments? Draft paper: 
 https://www.icir.org/mallman/pubs/All18 Mark Allman, mallman@icir.org https://www.icir.org/mallman/ @mallman_icsi

Recommend

Robustness? Robustness ? Robustness?

Robustness? Robustness ? Robustness?

Robustness? Robustness ? Robustness? Thomas Mandl

245 views • 5 slides
Where Are We? Lecture 9 Robustness through Training 1 Robustness Explicit Handling of Noise

Where Are We? Lecture 9 Robustness through Training 1 Robustness Explicit Handling of Noise

Where Are We? Lecture 9 Robustness through Training 1 Robustness Explicit Handling of Noise and Channel Variations 2 Michael Picheny, Bhuvana Ramabhadran, Stanley F. Chen Robustness via Adaptation 3 IBM T.J. Watson Research Center

256 views • 22 slides
UCSD Robustness Summer School David Donoho 20190812 David Donoho UCSD Robustness Summer School

UCSD Robustness Summer School David Donoho 20190812 David Donoho UCSD Robustness Summer School

What is Statistics? What is Statistical Research? Paradigm Shifts in Statistics How did Robustness in Statistics Emerge? What has Robustness in Statistics delivered? What has Robustness in Statistics to do with CS? UCSD Robustness

721 views • 26 slides
Robustness and Generalization Huan Xu The University of Texas at Austin Department of Electrical

Robustness and Generalization Huan Xu The University of Texas at Austin Department of Electrical

Robustness and Generalization Huan Xu The University of Texas at Austin Department of Electrical and Computer Engineering COLT, June 29, 2010 Joint work with Shie Mannor What is Robustness? What is Robustness? What is Robustness?

571 views • 53 slides
Robustness and SMC Adam Pechner Overview What is Robustness and why do we care? Different

Robustness and SMC Adam Pechner Overview What is Robustness and why do we care? Different

Robustness and SMC Adam Pechner Overview What is Robustness and why do we care? Different types of Robust Control Techniques Sliding Mode Control (SMC) Definition and Benefits Drawbacks and Requirements Applications of SMC

538 views • 40 slides
Algorithms in Nature Network robustness Slides adapted from Carl Kingsford Network robustness

Algorithms in Nature Network robustness Slides adapted from Carl Kingsford Network robustness

Algorithms in Nature Network robustness Slides adapted from Carl Kingsford Network robustness Many complex systems show a surprising degree of tolerance to errors: Biological networks persist despite environmental noise, failures, attacks

224 views • 20 slides
Point sets, Maps and Navigation - II D.A. Forsyth Robustness is a serious problem Robustness is

Point sets, Maps and Navigation - II D.A. Forsyth Robustness is a serious problem Robustness is

Point sets, Maps and Navigation - II D.A. Forsyth Robustness is a serious problem Robustness is a serious problem Key issue: Squaring a large number produces a huge number A few wildly mismatch points can throw off R, t Fixes:

153 views • 12 slides
Trade-off between Efficiency and Robustness Doctoral Colloqium @ SenSys18, Shenzhen Robert

Trade-off between Efficiency and Robustness Doctoral Colloqium @ SenSys18, Shenzhen Robert

Institute of Operating Systems and Computer Networks E ffi ciency E ffi ciency vs Robustness = Trade-o ff Robustness Energy Budget Trade-off between Efficiency and Robustness Doctoral Colloqium @ SenSys18, Shenzhen Robert Hartung,

680 views • 19 slides
S9932: LEARNING TO BOOST S9932: LEARNING TO BOOST ROBUSTNESS FOR ROBUSTNESS FOR AUTONOMOUS

S9932: LEARNING TO BOOST S9932: LEARNING TO BOOST ROBUSTNESS FOR ROBUSTNESS FOR AUTONOMOUS

S9932: LEARNING TO BOOST S9932: LEARNING TO BOOST ROBUSTNESS FOR ROBUSTNESS FOR AUTONOMOUS DRIVING AUTONOMOUS DRIVING Bernhard Firner, March 20, 2019 AUTONOMOUS DRIVING Sounds simple Actually pretty diffjcult Can start with sub-domains to

798 views • 49 slides
Key-Robustness for Cryptographic Primitives ie 1 R azvan Ros 1 ENS, CNRS, INRIA &amp; PSL

Key-Robustness for Cryptographic Primitives ie 1 R azvan Ros 1 ENS, CNRS, INRIA &amp; PSL

Key-Robustness for Cryptographic Primitives ie 1 R azvan Ros 1 ENS, CNRS, INRIA &amp; PSL Research University, Paris, France ECRYPT-NET Summer School, Crete, Greece 12 th October 2017 R azvan Ros ie Key-Robustness for Cryptographic

949 views • 48 slides
Matrix Robustness, with an Application to Power System Observability Matthias Brosemann Jochen

Matrix Robustness, with an Application to Power System Observability Matthias Brosemann Jochen

Power system observability Complexity of Matrix Robustness Algorithms for Matrix Robustness Experiments Matrix Robustness, with an Application to Power System Observability Matthias Brosemann Jochen Alber Falk H uffner Rolf Niedermeier

350 views • 31 slides
Variants of Turing Machines Variants of Turing Machines p.1/49 Robustness

Variants of Turing Machines Variants of Turing Machines p.1/49 Robustness

Variants of Turing Machines Variants of Turing Machines p.1/49 Robustness Robustness of a mathematical object (such as proof, definition, algorithm, method, etc.) is measured by its invariance to certain changes To prove that a

944 views • 49 slides
Level set methods for robustness measures P. V AN D OOREN CESAME, Universit e catholique de

Level set methods for robustness measures P. V AN D OOREN CESAME, Universit e catholique de

Level set methods for robustness measures P. V AN D OOREN CESAME, Universit e catholique de Louvain joint work with Y. Genin, T. Lawrence, M. Overton, J. Sreedhar, A. Tits What it is about Fast and reliable computation of robustness measures

490 views • 29 slides
Optimization over Integers with Robustness in Cost and Few Constraints Kai-Simon Goetzmann

Optimization over Integers with Robustness in Cost and Few Constraints Kai-Simon Goetzmann

Introduction Cost Robustness Applications Optimization over Integers with Robustness in Cost and Few Constraints Kai-Simon Goetzmann (Joint work with Sebastian Stiller and Claudio Telha) WAOA 2011 Sept 09 Kai-Simon Goetzmann Robust

809 views • 52 slides
Beyond the Pixels: Exploring the Effect of Video File Corruptions on Model Robustness Trenton

Beyond the Pixels: Exploring the Effect of Video File Corruptions on Model Robustness Trenton

Beyond the Pixels: Exploring the Effect of Video File Corruptions on Model Robustness Trenton Chang Daniel Y. Fu Yixuan Li Christopher R Stanford University Workshop on Adversarial Robustness in the Real World, ECCV 2020

280 views • 13 slides
Robustness in GANs and in Black-box Optimization Stefanie Jegelka MIT CSAIL joint work with

Robustness in GANs and in Black-box Optimization Stefanie Jegelka MIT CSAIL joint work with

Robustness in GANs and in Black-box Optimization Stefanie Jegelka MIT CSAIL joint work with Zhi Xu, Chengtao Li, Ilija Bogunovic, Jonathan Scarlett and Volkan Cevher Robustness in ML noise Generator One unit is enough! Critic

636 views • 15 slides
Linear robustness analysis of non-linear biomolecular networks with kinetic perturbations Steffen

Linear robustness analysis of non-linear biomolecular networks with kinetic perturbations Steffen

Linear robustness analysis of non-linear biomolecular networks with kinetic perturbations Steffen Waldherr and Frank Allgwer Institute for Systems Theory and Automatic Control Universitt Stuttgart MSC 2011, Workshop on Robustness in

700 views • 34 slides
Robustness measures and level set methods P. Van Dooren Abstract In this talk we discuss the

Robustness measures and level set methods P. Van Dooren Abstract In this talk we discuss the

Robustness measures and level set methods P. Van Dooren Abstract In this talk we discuss the computation of a range of robustness measures for linear time invariant systems. More precisely, we propose algorithms based on the idea of level set

524 views • 5 slides
Interpretability and Robustness for Multi-Hop QA Mohit Bansal (MRQA-EMNLP 2019 Workshop) 1

Interpretability and Robustness for Multi-Hop QA Mohit Bansal (MRQA-EMNLP 2019 Workshop) 1

Interpretability and Robustness for Multi-Hop QA Mohit Bansal (MRQA-EMNLP 2019 Workshop) 1 Multihop-QAs Diverse Requirements Interpretability and Modularity Multiple Reasoning Chains Assembling Adversarial Shortcut Robustness

947 views • 52 slides
&lt;Opening comments&gt; Before going into the Q&amp;A session, I would like to add a few comments

&lt;Opening comments&gt; Before going into the Q&amp;A session, I would like to add a few comments

Analyst Meeting Q&amp;A (Earnings Release for the Three Months Ended June 30, 2019) &lt;Opening comments&gt; Before going into the Q&amp;A session, I would like to add a few comments to explain the reasons behind the 13.8 billion-yen year-on-year

343 views • 7 slides
Distributed Robustness Analysis Anders Hansson Division of Automatic Control Link oping

Distributed Robustness Analysis Anders Hansson Division of Automatic Control Link oping

Distributed Robustness Analysis Anders Hansson Division of Automatic Control Link oping University August 2223, 2016 Outline Robustness Analysis Chordal Sparsity in Semidefinite Programming Domain- and Range-Space Decomposition

599 views • 49 slides
Robustness Techniques for Speech Recognition Berlin Chen, 2004 References: 1. X. Huang et al.

Robustness Techniques for Speech Recognition Berlin Chen, 2004 References: 1. X. Huang et al.

Robustness Techniques for Speech Recognition Berlin Chen, 2004 References: 1. X. Huang et al. Spoken Language Processing (2001). Chapter 10 2. J. C. Junqua and J. P. Haton. Robustness in Automatic Speech Recognition (1996), Chapters 5, 8-9 3. T.

956 views • 64 slides
Image Space Gathering Austin Robison Predictive Rendering Phenomenological Rendering Robustness

Image Space Gathering Austin Robison Predictive Rendering Phenomenological Rendering Robustness

Image Space Gathering Austin Robison Predictive Rendering Phenomenological Rendering Robustness Robustness Speed Speed Controllable Accuracy Appearance Example Phenomena Soft Shadows Depth of Field Motion Blur Color Bleeding

388 views • 24 slides
Most Robust Fuzzy Need for Robustness . . . What Is Known and . . . Extensions of Binary Logical

Most Robust Fuzzy Need for Robustness . . . What Is Known and . . . Extensions of Binary Logical

Need for Fuzzy Extensions Need for Fuzzy . . . Need for Robustness, . . . Most Robust Fuzzy Need for Robustness . . . What Is Known and . . . Extensions of Binary Logical Results Operations Results (cont-d) Home Page Irvin L. Bosquez and

263 views • 8 slides

More recommend