log in  |  register  |  feedback?  |  help  |  web accessibility
Logo
D-Mystifying the D-Root Address Change
Matthew Lentz - University of Maryland
Wednesday, October 16, 2013, 2:00-3:00 pm Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)
Abstract
On January 3, 2013, the D-root DNS server hosted at the University of
Maryland changed IP address. To avoid service disruption, the old address
continues to answer queries. In this paper, we perform an initial
investigation of the traffic at both the new and old addresses before,
during, and since the flag day. The data we collected show non-obvious
behavior: the overall query volume to the D-roots increases by roughly 50%,
the old address continues to receive a high volume of queries months after
the changeover, and far more queries to the old address succeed than those
to the new one. Our analysis provides a window into how compliant resolvers
change over and how non-standard and seemingly malicious resolvers react (or
not) to the IP address change. We provide evidence that a relatively small
number of implementation errors account for nearly all discrepancies that
are not misconfigurations or attacks.
Bio

Matthew Lentz is a graduate student in the Ph.D. program in the ECE Department at the University of Maryland College Park, where he also obtained his B.S. in Computer Engineering. He is broadly interested in the areas of privacy and security associated with networked systems.

This talk is organized by Ramakrishna Padmanabhan