Academic literature on the topic 'Domain Name System over TLS'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Domain Name System over TLS.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Journal articles on the topic "Domain Name System over TLS"
1
Nakatsuka, Yoshimichi, Andrew Paverd, and Gene Tsudik. "PDoT." Digital Threats: Research and Practice 2, no. 1 (March 2021): 1–22. http://dx.doi.org/10.1145/3431171.
Full textAbstract:
Security and privacy of the Internet Domain Name System (DNS) have been longstanding concerns. Recently, there is a trend to protect DNS traffic using Transport Layer Security (TLS). However, at least two major issues remain: (1) How do clients authenticate DNS-over-TLS endpoints in a scalable and extensible manner? and (2) How can clients trust endpoints to behave as expected? In this article, we propose a novel Private DNS-over-TLS (PDoT) architecture. PDoT includes a DNS Recursive Resolver (RecRes) that operates within a Trusted Execution Environment. Using Remote Attestation , DNS clients can authenticate and receive strong assurance of trustworthiness of PDoT RecRes. We provide an open source proof-of-concept implementation of PDoT and experimentally demonstrate that its latency and throughput match that of the popular Unbound DNS-over-TLS resolver.
2
Singanamalla, Sudheesh, Suphanat Chunhapanya, Jonathan Hoyland, Marek Vavruša, Tanya Verma, Peter Wu, Marwan Fayed, Kurtis Heimerl, Nick Sullivan, and Christopher Wood. "Oblivious DNS over HTTPS (ODoH): A Practical Privacy Enhancement to DNS." Proceedings on Privacy Enhancing Technologies 2021, no. 4 (July 23, 2021): 575–92. http://dx.doi.org/10.2478/popets-2021-0085.
Full textAbstract:
Abstract The Internet’s Domain Name System (DNS) responds to client hostname queries with corresponding IP addresses and records. Traditional DNS is unencrypted and leaks user information to on-lookers. Recent efforts to secure DNS using DNS over TLS (DoT) and DNS over HTTPS (DoH) have been gaining traction, ostensibly protecting DNS messages from third parties. However, the small number of available public large-scale DoT and DoH resolvers has reinforced DNS privacy concerns, specifically that DNS operators could use query contents and client IP addresses to link activities with identities. Oblivious DNS over HTTPS (ODoH) safeguards against these problems. In this paper we implement and deploy interoperable instantiations of the protocol, construct a corresponding formal model and analysis, and evaluate the protocols’ performance with wide-scale measurements. Results suggest that ODoH is a practical privacy-enhancing replacement for DNS.
3
Victors, Jesse, Ming Li, and Xinwen Fu. "The Onion Name System." Proceedings on Privacy Enhancing Technologies 2017, no. 1 (January 1, 2017): 21–41. http://dx.doi.org/10.1515/popets-2017-0003.
Full textAbstract:
Abstract Tor onion services, also known as hidden services, are anonymous servers of unknown location and ownership that can be accessed through any Torenabled client. They have gained popularity over the years, but since their introduction in 2002 still suffer from major usability challenges primarily due to their cryptographically-generated non-memorable addresses. In response to this difficulty, in this work we introduce the Onion Name System (OnioNS), a privacy-enhanced decentralized name resolution service. OnioNS allows Tor users to reference an onion service by a meaningful globally-unique verifiable domain name chosen by the onion service administrator.We construct OnioNS as an optional backwards-compatible plugin for Tor, simplify our design and threat model by embedding OnioNS within the Tor network, and provide mechanisms for authenticated denial-of-existence with minimal networking costs. We introduce a lottery-like system to reduce the threat of land rushes and domain squatting. Finally, we provide a security analysis, integrate our software with the Tor Browser, and conduct performance tests of our prototype.
4
Hoang, Nguyen Phong, Arian Akhavan Niaki, Phillipa Gill, and Michalis Polychronakis. "Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting." Proceedings on Privacy Enhancing Technologies 2021, no. 4 (July 23, 2021): 420–40. http://dx.doi.org/10.2478/popets-2021-0078.
Full textAbstract:
Abstract Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-based load balancing, co-hosting of different websites on the same server, and IP address churn, all contribute towards making domain–IP mappings unstable, and prevent straightforward IP-based browsing tracking. In this paper, we show that this instability is not a roadblock (assuming a universal DoT/DoH and ECH deployment), by introducing an IP-based website finger-printing technique that allows a network-level observer to identify at scale the website a user visits. Our technique exploits the complex structure of most websites, which load resources from several domains besides their primary one. Using the generated fingerprints of more than 200K websites studied, we could successfully identify 84% of them when observing solely destination IP addresses. The accuracy rate increases to 92% for popular websites, and 95% for popular and sensitive web-sites. We also evaluated the robustness of the generated fingerprints over time, and demonstrate that they are still effective at successfully identifying about 70% of the tested websites after two months. We conclude by discussing strategies for website owners and hosting providers towards hindering IP-based website fingerprinting and maximizing the privacy benefits offered by DoT/DoH and ECH.
5
M. Banadaki, Yaser. "Detecting Malicious DNS over HTTPS Traffic in Domain Name System using Machine Learning Classifiers." Journal of Computer Sciences and Applications 8, no. 2 (August 20, 2020): 46–55. http://dx.doi.org/10.12691/jcsa-8-2-2.
Full text
6
Pan, Jiaye, Yi Zhuang, and Binglin Sun. "Efficient and Transparent Method for Large-Scale TLS Traffic Analysis of Browsers and Analogous Programs." Security and Communication Networks 2019 (October 27, 2019): 1–22. http://dx.doi.org/10.1155/2019/8467081.
Full textAbstract:
Many famous attacks take web browsers as transmission channels to make the target computer infected by malwares, such as watering hole and domain name hijacking. In order to protect the data transmission, the SSL/TLS protocol has been widely used to defeat various hijacking attacks. However, the existence of such encryption protection makes the security software and devices confront with the difficulty of analyzing the encrypted malicious traffic at endpoints. In order to better solve this kind of situation, this paper proposes a new efficient and transparent method for large-scale automated TLS traffic analysis, named as hyper TLS traffic analysis (HTTA). It extracts multiple types of valuable data from the target system in the hyper mode and then correlates them to decrypt the network packets in real time, so that overall data correlation analysis can be performed on the target. Additionally, we propose an aided reverse engineering method to support the analysis, which can rapidly identify the target data in different versions of the program. The proposed method can be applied to the endpoints and cloud platforms; there are no trust risk of certificates and no influence on the target programs. Finally, the real experimental results show that the method is feasible and effective for the analysis, which leads to the lower runtime overhead compared with other methods. It covers all the popular browser programs with good adaptability and can be applied to the large-scale analysis.
7
Antic, Djordje, and Mladen Veinovic. "Implementation of DNSSEC-secured name servers for ni.rs zone and best practices." Serbian Journal of Electrical Engineering 13, no. 3 (2016): 369–80. http://dx.doi.org/10.2298/sjee1603369a.
Full textAbstract:
As a backbone of all communications over the Internet, DNS (Domain Name System) is crucial for all entities that need to be visible and provide services outside their internal networks. Public administration is a prime example for various services that have to be provided to citizens. This manuscript presents one possible approach, implemented in the administration of the City of Nis, for improving the robustness and resilience of external domain space, as well as securing it with DNSSEC (DNS Security Extensions).
8
Eddie, Brian J., and Thomas E. Hanson. "Chlorobaculum tepidum TLS Displays a Complex Transcriptional Response to Sulfide Addition." Journal of Bacteriology 195, no. 2 (November 16, 2012): 399–408. http://dx.doi.org/10.1128/jb.01342-12.
Full textAbstract:
ABSTRACTChlorobaculum tepidumis a green sulfur bacterium (GSB) that is a model system for phototrophic sulfur oxidation. Despite over 2 decades of research, conspicuous gaps exist in our understanding of its electron donor metabolism and regulation. RNA sequencing (RNA-seq) was used to provide a global picture of theC. tepidumtranscriptome during growth on thiosulfate as the sole electron donor and at time points following the addition of sulfide to such a culture. Following sulfide addition, 121 to 150 protein-coding genes displayed significant changes in expression depending upon the time point. These changes included a rapid decrease in expression of thiosulfate and elemental sulfur oxidation genes. Genes and gene loci with increased expression included CT1087, encoding a sulfide:quinone oxidoreductase required for growth in high sulfide concentrations; a polysulfide reductase-like complex operon,psrABC(CT0496 to CT0494); and, surprisingly, a large cluster of genes involved in iron acquisition. Finally, two genes that are conserved as a cassette in anaerobic bacteria and archaea, CT1276 and CT1277, displayed a strong increase in expression. The CT1277 gene product contains a DNA-binding domain, suggesting a role for it in sulfide-dependent gene expression changes.
9
Tsai, Hsiao-Chung, Kuo-Chen Lu, Russell L. Elsberry, Mong-Ming Lu, and Chung-Hsiung Sui. "Tropical Cyclone–like Vortices Detection in the NCEP 16-Day Ensemble System over the Western North Pacific in 2008: Application and Forecast Evaluation." Weather and Forecasting 26, no. 1 (February 1, 2011): 77–93. http://dx.doi.org/10.1175/2010waf2222415.1.
Full textAbstract:
Abstract An automated technique has been developed for the detection and tracking of tropical cyclone–like vortices (TCLVs) in numerical weather prediction models, and especially for ensemble-based models. A TCLV is detected in the model grid when selected dynamic and thermodynamic fields meet specified criteria. A backward-and-forward extension from the mature stage of the track is utilized to complete the track. In addition, a fuzzy logic approach is utilized to calculate the TCLV fuzzy combined-likelihood value (TFCV) for representing the TCLV characteristics in the ensemble forecast outputs. The primary objective of the TCLV tracking and TFCV maps is for use as an evaluation tool for the operational forecasters. It is demonstrated that this algorithm efficiently extracts western North Pacific TCLV information from the vast amount of ensemble data from the NCEP Global Ensemble Forecast System (GEFS). The predictability of typhoon formation and activity during June–December 2008 is also evaluated. The TCLV track numbers and TFCV averages around the formation locations during the 0–96-h period are more skillful than for the 102–384-h forecasts. Compared to weak tropical cyclones (TCs; maximum intensity ≤ 50 kt), the storms that eventually become stronger TCs do have larger TFCVs. Depending on the specified domain size and the ensemble track numbers to define a forecast event, some skill is indicated in predicting the named TC activity. Although this evaluation with the 2008 typhoon season indicates some potential, an evaluation with a larger sample is necessary to statistically verify the reliability of the GEFS forecasts.
10
Helming, Paula, Axel von Freyberg, Michael Sorg, and Andreas Fischer. "Wind Turbine Tower Deformation Measurement Using Terrestrial Laser Scanning on a 3.4 MW Wind Turbine." Energies 14, no. 11 (June 2, 2021): 3255. http://dx.doi.org/10.3390/en14113255.
Full textAbstract:
Wind turbine plants have grown in size in recent years, making an efficient structural health monitoring of all of their structures ever more important. Wind turbine towers deform elastically under the loads applied to them by wind and inertial forces acting on the rotating rotor blades. In order to properly analyze these deformations, an earthbound system is desirable that can measure the tower’s movement in two directions from a large measurement working distance of over 150 m and a single location. To achieve this, a terrestrial laser scanner (TLS) in line-scanning mode with horizontal alignment was applied to measure the tower cross-section and to determine its axial (in the line-of-sight) and lateral (transverse to the line-of-sight) position with the help of a least-squares fit. As a result, the proposed measurement approach allowed for analyzing the tower’s deformation. The method was validated on a 3.4 MW wind turbine with a hub height of 128 m by comparing the measurement results to a reference video measurement, which recorded the nacelle movement from below and determined the nacelle movement with the help of point-tracking software. The measurements were compared in the time and frequency domain for different operating conditions, such as low/strong wind and start-up/braking of the turbine. There was a high correlation between the signals from the laser-based and the reference measurement in the time domain, and the same peak of the dominant tower oscillation was determined in the frequency domain. The proposed method was therefore an effective tool for the in-process structural health monitoring of tall wind turbine towers.
Dissertations / Theses on the topic "Domain Name System over TLS"
1
Biolek, Martin. "Klientská aplikace protokolu DNS s grafickým rozhraním pro účely výuky." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2021. http://www.nusl.cz/ntk/nusl-442404.
Full textAbstract:
The goal of the Master thesis on the topic of the Client application of DNS protocol with graphical interface for teaching purposes is to create a program with the features of sending, receiving DNS, MDNS and LLMNR protocols with optional parameters. Additionally, compare the created application with available tools such as Nslookup, Dig and create examples of application for teaching.
Books on the topic "Domain Name System over TLS"
1
Schiller, Dan. Beyond a U.S.-centric Internet? University of Illinois Press, 2017. http://dx.doi.org/10.5406/illinois/9780252038761.003.0013.
Full textAbstract:
This chapter examines the mechanism of the United States's internet control over the Domain Name System (DNS). The mechanism of U.S. internet control over the DNS was formalized after President Bill Clinton directed the Commerce Department to privatize the DNS in 1997. Legal contracts were drawn up, binding the Department to a for-profit corporation called VeriSign and to a private, not-for-profit corporation, the Internet Corporation for Assigned Names and Numbers (ICANN). The chapter considers the Commerce Department's DNS initiative as an example of the geopolitics of today's internet, an extraterritorial projection of U.S. policymaking that was extraordinary for transforming into a venue where other countries mounted a concerted diplomatic challenge to U.S. power. The chapter also discusses the multi-stakeholderism in U.S.-centric internet and Edward Snowden's revelations regarding the National Security Agency's surveillance of global internet traffic.
Book chapters on the topic "Domain Name System over TLS"
1
Riordan, Jaani. "Trade Marks and Passing Off." In The Liability of Internet Intermediaries. Oxford University Press, 2016. http://dx.doi.org/10.1093/oso/9780198719779.003.0007.
Full textAbstract:
This chapter examines the secondary liability of internet intermediaries for trade mark infringement and passing off occurring online. The internet intrinsically relies upon a functioning system of domain names, keyword-based search tools, and advertising. These arenas present ample opportunities for conflict over protected signs. At one extreme are territorial conflicts between legitimate traders who happen to possess parallel rights in different jurisdictions; at the other extreme lie cases of opportunistic squatting on a rivalrous keyword resource, such as a domain name, for commercial gain, or outright counterfeiting. Within the contested space that lies between, the line between honest and unfair competition is becoming increasingly blurred, as traders seek to exploit rivals’ names in keyword advertising, practise aggressive search engine optimisation, and compete for traffic, reputation, and attention. The zone of accepted commercial practices is fluid and extremely nebulous.
2
Keats, Jonathon. "Unparticle." In Virtual Words. Oxford University Press, 2010. http://dx.doi.org/10.1093/oso/9780195398540.003.0007.
Full textAbstract:
“All science is either physics or stamp collecting.” So claimed Ernest Rutherford, the British physicist who discovered the atomic nucleus in 1910, touting the explanatory power of physics over the busywork of classifying elements or planets or animals. One hundred years later, the endless variety of matter postulated by physics—within the nucleus and throughout the universe—has far surpassed the inventories of the periodic table and solar system, leading particle physicists to refer to their domain as a bestiary and one textbook to be aptly titled A Tour of the Subatomic Zoo. There are electrons and protons and neutrons, as well as quarks and positrons and neutrinos. There are also gluons and muons—the unexpected discovery of which, in 1936, led the physicist Isidor Rabi to quip, “Who ordered that?”—and potentially axions and saxions and saxinos. In this menagerie it’s not easy for a new particle, especially a hypothetical one, to get attention. The unparticle, first proposed by American physicist Howard Georgi in 2007, is therefore remarkable for garnering worldwide media attention and spurring more than a hundred scholarly papers, especially considering that there’s no experimental evidence for it, nor is it called for mathematically by any prior theory. What an unparticle is, exactly, remains vague. The strange form of matter first arose on paper when Georgi asked himself what properties a “scale-invariant” particle might have and how it might interact with the observable universe. Scale invariance is a quality of fractals, such as snowflakes and fern leaves, that makes them look essentially the same at any magnification. Georgi’s analogous idea was to imagine particles that would interact with the same force regardless of the distance between them. What he found was that such particles would have no definite mass, which would, for example, exempt them from obeying special relativity. “It’s very difficult to even find the words to describe what unparticles are,” Georgi confessed to the magazine New Scientist in 2008, “because they are so unlike what we are familiar with.” For those unprepared to follow his mathematics, the name evokes their essential foreignness.