[PAST EVENT] Shuai Hao, Computer Science - Oral Exam for the Ph.D. Degree
As one of the most critical components of the Internet, the Domain Name System (DNS) provides the key translation function between the domain names and network addresses to direct clients to specific Internet services. In this proposal, we investigate the different aspects of today's DNS. We first characterize the evolution and features of the DNS resolution infrastructures of web services due to the emergence of third-party hosting services and cloud platforms. At the bottom level of the DNS hierarchy, the authoritative DNS servers (ADNSes) maintain the actual mapping records and answer the DNS queries. Today, the increasing use of upstream ADNS services (i.e., third-party ADNS-hosting services) and Infrastructure-as-a-Service (IaaS) clouds facilitates the establishment of web services, and has been fostering the evolution of the deployment of ADNS servers. To shed light on this trend, in this work we present a large-scale measurement to study the ADNS deployment patterns of modern web services and examine the characteristics of different deployment styles, such as performance, life-cycle of servers, and availability. Furthermore, we focus specifically on the DNS deployment for subdomains hosted in IaaS clouds.
Then, we examine a pervasive misuse of DNS names and explore the straightforward solution to mitigate the performance penalty in DNS cache. DNS cache plays a critical role in domain name resolution, providing (1) high scalability at Root and Top-level-domain name servers with reduced workloads and (2) low response latency to clients when the resource records of the queried domains are cached. However, the pervasive misuses of domain names, e.g., the domains of "one-time-use" pattern, have negative impact on the effectiveness of DNS caching as the cache has been filled with those entries that are highly unlikely to be retrieved. By leveraging the domain name based features that are explicitly available from the domain name itself, we propose simple policies for improving DNS cache performance and validate their efficacy using real traces. In our further work, we aim to study a vulnerability of newly proposed DNS extension, the EDNS-Client-Subnet extension, which may cause the undetectable DNS cache poisoning attack and degraded performance in Content Delivery Networks.
Shuai Hao is a Ph.D. candidate of Computer Science at College of William and Mary and currently a visiting Ph.D. student in Department of Electrical and Computer Engineering at University of Delaware, working with Dr. Haining Wang. His research interests lie in the networking system and security, including the Domain Name System, Content Delivery Networks, Internet measurement, and security on cloud datacenter. He received his B.S and Master degree in Computer Science from North China Electric Power University and Beijing University of Posts and Telecommunications, respectively.