Abstract
Despite the central importance of DNS, numerous attacks and vulnerabilities are regularly discovered. The root of the problem is the ambiguity and tremendous complexity of DNS protocol specifications, amid a rapidly evolving Internet infrastructure. To counteract the vicious break-and-fix cycle for improving DNS infrastructure, we instigate a foundational approach: we construct the first formal semantics of end-to-end name resolution, a collection of components for the formal analyses of both qualitative and quantitative properties, and an automated tool for discovering DoS attacks. Our formal framework represents an important step towards a substantially more secure and reliable DNS infrastructure.
Publication status
published
Book title
ACM SIGCOMM '23: Proceedings of the ACM SIGCOMM 2023 Conference
Publisher
Association for Computing Machinery
Subject
DNS; Formal Semantics; Maude; Statistical Model Checking; DoS
Organisational unit
03634 - Basin, David / Basin, David
03975 - Perrig, Adrian / Perrig, Adrian
Funding
215318 - RHINE: A Highly Secure and Available Domain Name Infrastructure (SNF)
ETH Bibliography
yes