De-Mystifying and Hardening the Domain Name System

Principal Investigator(s): 
Mark Allman

When the DNS fails, nothing works. One does not need to look beyond many real-world advertising campaigns to appreciate that naming is one of the foundational elements upon which most higher layer Internet services are built. We use names as rendezvous points between users and services (e.g., www.twitter.com). Yet, we do not use names directly in traffic routing. Rather, we turn names into IP addresses via the Domain Name System (DNS). A DNS lookup is therefore a prerequisite for most Internet transactions. This means that the DNS is not only crucial to the operation of the Internet, but DNS is in fact a single point of failure for most Internet transactions. Unfortunately, the DNS ecosystem has slowly evolved from a simple system at its inception to a vastly distributed, complex and brittle system today. The current state of DNS is not befitting of a service that is a single point of failure for most Internet transactions.

This project aims to enhance DNS' robustness by pursuing three different thrusts of activities:

(A) De-mystifying the DNS Ecosystem: This entails empirically investigating several key aspects relating to the robustness of the DNS ecosystem. A large collection of DNSrelated data is being leveraged to better understand how the DNS works in the wild. The goal in this thrust is enhancing the community's mental model of how the system works.

(B) Leveraging Pre-Planning to Increase Robustness: The second thrust involves proactively adding robustness to the DNS. The history of the DNS is one of reacting to problems as they arise (if the problems are detected at all). The goal in this thrust is to design innovative mechanisms that anticipate problems by sharing more information with more actors in the ecosystem. This information will then allow the system to better cope when problems arise.

(C) Experience-based Changes to DNS: The final thrust involves taking what has been learned from previous measurement efforts and designing novel and innovative DNS mechanisms to cope with various issues and, hence, increase the robustness of the system.

Funding provided by NSF