Wednesday 28 June 2017, 14:30, Prof.dr. G. Berkhoff-Zaal
improving dns security - a measurement-based approach
The Domain Name System (DNS) plays a vital role in today's Internet. It translates human readable names (such as www.example.com) into machine readable information (such as 220.127.116.11). The DNS was developed in the early 1980s, as the Internet started to expand. At that time, security was not a design concern. Consequently, it is no surprise that DNS turns out to be vulnerable. In the '90s, a type of attack called cache poisoning surfaced. This type of attack became more sophisticated over time, reaching a crescendo in 2008. In that year, a security researcher revealed a variant of the attack that could effectively take over an entire domain, potentially misdirecting thousands of Internet users to malicious sites, such as phishing sites.
The discovery of cache poisoning triggered the development of the DNS Security Extensions. DNSSEC addresses DNS's vulnerabilities by adding two key properties. First, authenticity, the guarantee that information in the DNS comes from a legitimate source. Second, integrity, the guarantee that DNS data has not been modified in transit. DNSSEC uses digital signatures to achieve these goals. DNSSEC improves both the security of the DNS, and the trust fabric of the Internet. Yet DNSSEC deployment is far from universal. Only an estimated 3% of all domains worldwide deploy DNSSEC. This number seems disappointing, raising the question if there are problems with DNSSEC.
Apart from the fact that the DNS itself needs to be secure, the data contained in the DNS is vital for the security and stability of the Internet. Take e-mail, for example. The DNS contains data used, e.g., to combat spam and e-mail forgery. As the DNS is such an integral part of Internet services, online criminals, by necessity, also have to register data in the DNS. E.g., to mount a phishing campaign, domains need to be set up in the DNS from which to send e-mail. The DNS also plays a role in the resilience of Internet services to attacks. For example, the DNS can be used for traffic redirection to services that protect against DDoS attacks. DNS data can also reveal single points of failure, such as the use of a single DNS provider for a domain. Real-world experience shows that such single points of failure break down under sustained attack.
Because of the vital role of data in the DNS in Internet security and stability, researchers and anti-abuse organisations have developed approaches to measure what is in the DNS. Existing approaches to large-scale measurement of the DNS passively record DNS usage. This can unveil, e.g., malicious activity after it occurred. But what if a domain has not been used yet? Or what if a domain is not requested very frequently and thus rarely observed in passive traces? Actively measuring what is in the DNS will record data for domains, regardless of use or popularity. Additionally, active measurements can be timed to record DNS data at predictable intervals, rather than depending on passively observing DNS traffic as it happens. Such time series can assist in uncovering trends in Internet use. Yet no large-scale active DNS measurement systems exist.
Given the importance of DNS and DNSSEC for the security of the Internet, this thesis has two main contributions. First, this thesis studies if there are technical problems with DNSSEC, that limit its deployment, and if that is found to be the case, what these problems are and how they can be solved. Second, this thesis studies how we can actively perform comprehensive measurements of the global DNS in a scalable manner, to complement existing passive DNS measurement approaches.
Focusing on the first contribution, this thesis shows that two technical problems in DNSSEC form a barrier to deployment. The first is fragmentation. Due to the inclusion of digital signatures, DNSSEC messages are larger than DNS messages. Therefore, DNSSEC messages are frequently fragmented into multiple Internet packets during transmission. Unfortunately, fragmented messages are prone to being blocked by, e.g., firewalls. This thesis shows that up to 10% of Internet hosts are unable to receive fragmented DNSSEC messages. This leads to reachability problems for domains that deploy DNSSEC. The second problem is amplification. DNS can be abused for so-called amplification attacks. These can have devastating effects on the Internet. Amplification attacks were used for some of the largest denial-of-service attacks in recent history. The effectiveness of these attacks depends on message size. Thus, since DNSSEC makes DNS messages larger, it makes the amplification problem worse. This thesis finds that use of DNSSEC can increase amplification by 6x to 12x, on average.
DNSSEC's larger message size is at the heart of both problems. Can we, therefore, solve these problems by somehow reducing DNSSEC message sizes? DNSSEC messages are large because of the inclusion of cryptographic keys and digital signatures. By default, DNSSEC uses a signature scheme called RSA. While RSA was the 'safe' choice during DNSSEC's development, it has one major drawback: its keys and signatures are large, and continue to grow in size as security requirements are tightened. Fortunately, newer signature algorithms are equally suited for use in DNSSEC. In particular, algorithms based on Elliptic Curve Cryptography (ECC), which have much smaller keys and signatures. This thesis proves that use of ECC can effectively and safely solve the problems of fragmentation and amplification. This was not self-evident, since a major drawback is that ECC signature validation is up to two orders of magnitude slower than RSA. Use of ECC could thus potentially introduce performance problems in DNSSEC. In this thesis we analyse this potential problem and prove that ECC's slower signature validation will not impose an insurmountable burden on the global DNS infrastructure. This takes away the last hurdle to large-scale deployment of DNSSEC using ECC.
Focusing on the second contribution, this thesis introduces a large-scale long-term active measurement system for the DNS. The system currently performs daily measurements for 60% of the global domain namespace, including major domains such as .com, .net and .org. The thesis shows how we overcome the unique challenges that come with measuring the DNS at such scale. It proposes a measurement architecture able to measure even the largest top-level domain (.com) on a daily basis. Furthermore, and equally importantly, the thesis shows how we can measure at such a scale without adversely impacting the DNS by overloading it with queries. The measurements result in unique longitudinal datasets of the DNS, that can serve to improve the security of the Internet. This is illustrated with five case studies. The first two focus on e-mail security. The third demonstrates use of this data in a real-world security incident, a case of so-called 'CEO fraud'. The fourth case study is about the resilience of the Internet under large-scale DDoS attacks, in particular the large attack on DNS operator Dyn in 2016. The fifth and final case study measures adoption of the elliptic curve signature schemes discussed earlier, that can help solve the problems in DNSSEC.
Finally, as the measurement data that forms the basis for the results presented in this thesis has value for the research community, where possible we have released datasets as open data. Where data cannot be publicly disclosed, it is made accessible to fellow researchers under restrictions or in aggregate form. This provides a basis for future research that builds on the results of this thesis.