OpenINTEL: digging in the DNS with an industrial size digger: I measured 60% of the DNS, and I found this

Presented at Still Hacking Anyway (SHA2017), Aug. 5, 2017, 11:10 a.m. (60 minutes)

Since early 2015, the University of Twente, SURFnet and SIDN collaborate in the OpenINTEL project. The goal of this project is to perform long-term, large-scale active measurements of the global DNS namespace. Our current coverage is around 60% of the global DNS and included .com, .net, .org, .nl (and other ccTLDs) and most new gTLDs. This talk will explain how we measure at this scale, collecting some 2.2 billion data points per day, and what we can learn about the evolution of the Internet from this data. Examples include adoption of cloud e-mail services and mail security measures, domains crafted for performing DDoS attacks, domains crafted for spam, and many others. #NetworkSecurity See https://www.openintel.nl/ for more information, and a link to relevant papers about the project.

Presenters:

  • Roland van Rijswijk-Deij
    Roland works for SURFnet bv, the National Research and Education Network in the Netherlands. His research interests include network security and network measurements, with a particular interest in DNS and DNSSEC. Roland van Rijswijk-Deij is also a Ph.D. candidate at the University of Twente (defense date June 2017), the Netherlands, in the Design and Analysis of Communication Systems Group. He received an M.Sc. degree in Computer Science from the University of Twente in 2001.

Links:

Similar Presentations: