Abstract
Reverse DNS (rDNS) is regularly used as a data source in Internet measurement research. However, existing work is polarized on its reliability, and new techniques to collect active IPv6 datasets have not yet been sufficiently evaluated. In this paper, we investigate active and passive data collection and practical use aspects of rDNS datasets. We observe that the share of non-authoritatively answerable IPv4 rDNS queries reduced since earlier studies and IPv6 rDNS has less non-authoritatively answerable queries than IPv4 rDNS. Furthermore, we compare passively collected datasets with actively collected ones, and we show that they enable observing the same effects in rDNS data. While highlighting opportunities for future research, we find no immediate challenges to the use of rDNS as active and passive data-source for Internet measurement research.
The original version of this chapter was revised: The authors made corrections on page 139 and 141. For detailed information please see the erratum to this chapter, available at https://doi.org/10.1007/978-3-319-76481-8_21
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cormack, G.V.: Email spam filtering: a systematic review. Found. Trends Inf. Retrieval 1(4), 335–455 (2007)
Nicholas, D., Huntington, P.: Micro-mining and segmented log file analysis: a method for enriching the data yield from internet log files. SAGE J. Inf. Sci. 29(5), 391–404 (2003)
Zhang, M., Ruan, Y., Pai, V.S., Rexford, J.: How DNS misnaming distorts internet topology mapping. In: Usenix Annual Technical Conference (ATC) (2006)
Oliveira, R.V., Pei, D., Willinger, W., Zhang, B., Zhang, L.: In search of the elusive ground truth: Yhe Internet’s AS-level connectivity structure. In: Proceedings of ACM SIGMETRICS, vol. 36 (2008)
Fiebig, T., Borgolte, K., Hao, S., Kruegel, C., Vigna, G.: Something from nothing (There): collecting global IPv6 datasets from DNS. In: Proceedings of Passive and Active Measurement (PAM) (2017)
Gao, H., Yegneswaran, V., Chen, Y., Porras, P., Ghosh, S., Jiang, J., Duan, H.: An empirical reexamination of global DNS behavior. Proc. ACM SIGCOMM 43(4), 267–278 (2013)
Phokeer, A., Aina, A., Johnson, D.: DNS Lame delegations: a case-study of public reverse DNS records in the African region. In: Bissyande, T.F., Sie, O. (eds.) AFRICOMM 2016. LNICST, vol. 208, pp. 232–242. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-66742-3_22
Hao, S., Feamster, N., Pandrangi, R.: An internet-wide view into DNS lookup patterns. Technical report, School of Computer Science, Georgia Technology (2010)
Gao, H., Yegneswaran, V., Jiang, J., Chen, Y., Porras, P., Ghosh, S., Duan, H.: Reexamining DNS from a global recursive resolver perspective. IEEE/ACM Trans. Networking (TON) 24(1), 43–57 (2016)
Spring, N., Mahajan, R., Wetherall, D., Anderson, T.: Measuring ISP topologies with rocketfuel. IEEE/ACM Trans. Networking (TON) 12(1), 2–16 (2004)
Czyz, J., Luckie, M., Allman, M., Bailey, M.: Don’t forget to lock the back door! A characterization of IPv6 network security policy. In: Proceedings of Internet Society Symposium on Network and Distributed System Security (NDSS) (2016)
Borgolte, K., Hao, S., Fiebig, T., Kruegel, C., Vigna, G.: Enumerating active IPv6 hosts for large-scale security scans via DNSSEC-signed reverse zones. In: Proceedings of IEEE Security & Privacy (S&P) (2018)
Huston, G.: Deprecation of “ip6.int”. RFC 4159 (Best Current Practice), August 2005
Cheshire, S., Krochmal, M.: DNS-based service discovery. RFC 6763 (Proposed Standard), February 2013
Wessels, D., Fomenkov, M.: Wow, that’s a lot of packets. In: Proceedings of Passive and Active Measurement Workshop (PAM) (2003)
Borgolte, K., Fiebig, T., Hao, S., Kruegel, C., Vigna, G.: Cloud strife: mitigating the security risks of domain-validated certificates. In: Proceedings of Internet Society Symposium on Network and Distributed System Security (NDSS) (2018)
Eidnes, H., de Groot, G., Vixie, P.: Classless IN-ADDR.ARPA delegation. RFC 2317 (Best Current Practice), March 1998
Hu, X., Li, B., Zhang, Y., Zhou, C., Ma, H.: Detecting compromised email accounts from the perspective of graph topology. In: Proceedings of ACM Conference on Future Internet Technologies (2016)
Plonka, D., Berger, A.: Temporal and spatial classification of active IPv6 addresses. In: Proceedings of ACM Internet Measurement Conference (2015)
Bortzmeyer, S., Huque, S.: NXDOMAIN: there really is nothing underneath. RFC 8020 (Proposed Standard), November 2016
Richter, P., Smaragdakis, G., Plonka, D., Berger, A.: Beyond counting: new perspectives on the active IPv4 address space. In: Proceedings of ACM Internet Measurement Conference (2016)
IAB, IESG: IAB/IESG recommendations on IPv6 address allocations to sites. RFC 3177 (Informational), September 2001. Obsoleted by RFC 6177
de Velde, G.V., Popoviciu, C., Chown, T., Bonness, O., Hahn, C.: IPv6 unicast address assignment considerations. RFC 5375 (Informational), December 2008
Acknowledgements
We thank the anonymous reviewers and John Heidemann for their helpful feedback. We also thank David Plonka for his valuable feedback and the comparison with the CDN dataset. This material is based on research sponsored by the Defense Advanced Research Projects Agency (DARPA) under agreement number FA8750-15-2-0084, the Office of Naval Research (ONR) under grant N00014-17-1-2011 and N00014-15-1-2948, the National Science Foundation (NSF) under grant DGE- 1623246 and CNS-1704253, a Google Security, Privacy and Anti-Abuse Award to Giovanni Vigna, the Bundesministerium für Bildung und Forschung (BMBF) under Award No. KIS1DSD032 (Project Enzevalos), and a Leibniz Price project by the German Research Foundation (DFG) under Award No. FKZ FE 570/4-1.The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. Any views, opinions, findings, recommendations, or conclusions contained or expressed herein are those of the authors, and do not necessarily reflect the position, official policies, or endorsements, either expressed or implied, the U.S. Government, DARPA, ONR, NSF, Google, BMBF, or DFG.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Fiebig, T., Borgolte, K., Hao, S., Kruegel, C., Vigna, G., Feldmann, A. (2018). In rDNS We Trust: Revisiting a Common Data-Source’s Reliability. In: Beverly, R., Smaragdakis, G., Feldmann, A. (eds) Passive and Active Measurement. PAM 2018. Lecture Notes in Computer Science(), vol 10771. Springer, Cham. https://doi.org/10.1007/978-3-319-76481-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-76481-8_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-76480-1
Online ISBN: 978-3-319-76481-8
eBook Packages: Computer ScienceComputer Science (R0)