University of Twente Student Theses


You are the weakest link - identifying single-rack points of failure in the DNS

Averkin, Konstantin (2021) You are the weakest link - identifying single-rack points of failure in the DNS.

[img] PDF
Abstract:The Domain Name System (DNS) plays a vital role in accessing content online as it removes the need for the end-user to remember complicated IP addresses. If this system is unavailable, domain names and other services like email are unusable. In other words, if DNS is down - the Internet is down. In this research, we designed a methodology that identifies single-rack-points of failure in DNS. Natural dis-asters, human errors, or even cyber-attacks could be the cause of single-rack points of failure in the DNS. To understand if this issue is common, we perform latency and Traceroute measurements with RIPE Atlas against a series of authoritative-name servers which we retrieved from the OpenINTEL active DNS measurement system. For more reliable measurements, with the help of the Haversine formula, we have incorporated the selection of close target probes into the methodology. We find that around 17% of all tested sets of DNS servers are vulnerable to the single-rack point of failure. When comparing the two methodologies with each other we noticed that latency measurements are less reliable than Traceroute. Furthermore, among all tested domain names relying on vulnerable DNS servers, we found that around 11% are vulnerable. In addition, the most affected top-level domains include countries like Russia, Iran, Turkey, Algeria, Japan, and Italy. On the other hand, the least affected TLDs are ”.com”, ”.net” and”.org”.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page