Abstract
With the rapid development of IPv6 network applications, the transition to IPv6 dns has accelerated. In this process, dual-stack resolvers take on the crucial role that ensures the resolution of domains under hybrid network conditions. However, the lagging deployment of IPv6 defence measures may undermine the overall security of resolvers, making the discovery of dual-stack resolvers vital for DNS security analysis. Previous methods for discovering dual-stack resolvers are built on strong but impractical assumptions, ignoring resolvers with multiple alias IP addresses. In this article, we propose a new dual-stack resolvers discovery model based on alias resolution - DualDNSMiner. DualDNSMiner involves address alias resolution technology in order to recognize hosts with multiple alias addresses and identify dual-stack resolvers. Large-scale measurement experiments show that, DualDNSMiner can reliably discover over 80% more new dual-stack resolvers compared to previous judgment rules. In addition, we put forth a novel approach to validate the accuracy of our findings. The results demonstrate that the precision of DualDNSMiner can exceed over 90%. Finally, the results of DualDNSMiner provide the first proof of the widespread use of alias addresses in DNS resolvers, which is crucial for analyzing the process of DNS’s IPv6 evolution.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Al-Dalky, R., Schomp, K.: Characterization of collaborative resolution in recursive DNS resolvers. In: Beverly, R., Smaragdakis, G., Feldmann, A. (eds.) Passive and Active Measurement. Lecture Notes in Computer Science(), vol. 10771, pp. 146–157. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-76481-8_11
APNIC: Ipv6 capable rate by country. https://stats.labs.apnic.net/ipv6/
APNIC: Use of ipv6 for world (XA). https://stats.labs.apnic.net/IPv6/XA
Bagnulo, M., García-Martínez, A., Van Beijnum, I.: The NAT64/DNS64 tool suite for IPv6 transition. IEEE Commun. Mag. 50(7), 177–183 (2012)
Bagnulo, M., Sullivan, A., Matthews, P., Van Beijnum, I.: DNS64: DNS extensions for network address translation from IPv6 clients to ipv4 servers. Technical report (2011)
Bender, A., Sherwood, R., Spring, N.: Fixing ally’s growing pains with velocity modeling. In: Proceedings of the 8th ACM SIGCOMM Conference On Internet Measurement, pp. 337–342 (2008)
Berger, A., Weaver, N., Beverly, R.: Internet nameserver IPv4 and IPv6 address relationships, pp. 91–104. Association for Computing Machinery (ACM), New York (2013). 10(2504730.2504745)
Beverly, R., Berger, A.: Server siblings: Identifying shared IPv4/IPv6 infrastructure via active fingerprinting. In: Mirkovic, J., Liu, Y. (eds.) Passive and Active Measurement. Lecture Notes in Computer Science(), vol. 8995, pp. 149–161. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15509-8_12
Beverly, R., Brinkmeyer, W., Luckie, M., Rohrer, J.P.: IPv6 alias resolution via induced fragmentation. In: Roughan, M., Chang, R. (eds.) Passive and Active Measurement. Lecture Notes in Computer Science, vol. 7799, pp. 155–165. Springer, Berlin, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36516-4_16
CoreDNS.io: CoreDNS-cache. https://coredns.io/plugins/cache/
Durand, A., Ihren, J.: DNS IPv6 transport operational guidelines. Technical report (2004)
Durand, A., Droms, R., Lee, Y., Woodyatt, J.: Dual-stack lite broadband deployments following IPv4 exhaustion. RFC 6333 (2011). https://doi.org/10.17487/RFC6333, https://www.rfc-editor.org/info/rfc6333
Elz, R., Bush, R.: RFC2181: clarifications to the DNS specification (1997)
Google: IPv6. https://www.google.com/intl/en/ipv6/statistics.html
Gunes, M.H., Sarac, K.: Analytical IP alias resolution. In: 2006 IEEE International Conference on Communications, vol. 1, pp. 459–464. IEEE (2006)
Hendriks, L., Oliveira Schmidt, R.D., Rijswijk-Deij, R.V., Pras, A.: On the potential of IPv6 open resolvers for DDoS attacks. In: Kaafar, M., Uhlig, S., Amann, J. (eds.) Passive and Active Measurement. Lecture Notes in Computer Science(), vol. 10176, pp. 17–29. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54328-4_2
Hu, Q., Asghar, M.R., Brownlee, N.: Measuring IPv6 DNS reconnaissance attacks and preventing them using DNS guard. In: 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 350–361. IEEE (2018)
Hub, D.: ubuntu-official images. https://hub.docker.com/ubuntu
Huston, G.: IPv6 and the DNS. https://labs.apnic.net/?p=1343
Keys, K., Hyun, Y., Luckie, M., Claffy, K.: Internet-scale IPv4 alias resolution with MIDAR. IEEE/ACM Trans. Networking 21(2), 383–399 (2012)
Klein, A., Shulman, H., Waidner, M.: Internet-wide study of DNS cache injections. In: IEEE INFOCOM 2017-IEEE Conference on Computer Communications, pp. 1–9. IEEE (2017)
Labs, N.: NLnet labs-unbound-about. https://nlnetlabs.nl/projects/unbound/about/
Mockapetris, P.V.: RFC1035: domain names-implementation and specification (1987)
Murdock, A., Li, F., Bramsen, P., Durumeric, Z., Paxson, V.: Target generation for internet-wide IPv6 scanning. In: Proceedings of the 2017 Internet Measurement Conference, pp. 242–253 (2017)
Okamoto, T., Tarao, M.: Implementation and evaluation of an immunity-enhancing module for ISC BIND9. Procedia Comput. Sci. 126, 1405–1414 (2018)
Vixie, P.: Extension mechanisms for DNS (EDNS0). Technical report (1999)
Acknowledgment
This work is supported by the Strategic Priority Research Program of the Chinese Academy of Sciences with No. XDC02030400, the National Key Research and Development Program of China with No. 2021YFB3101001 and No. 2021YFB3101403.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Discovery and Verification Results
A Discovery and Verification Results
Rights and permissions
Copyright information
© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Han, D. et al. (2024). DualDNSMiner: A Dual-Stack Resolver Discovery Method Based on Alias Resolution. In: Gao, H., Wang, X., Voros, N. (eds) Collaborative Computing: Networking, Applications and Worksharing. CollaborateCom 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 563. Springer, Cham. https://doi.org/10.1007/978-3-031-54531-3_19
Download citation
DOI: https://doi.org/10.1007/978-3-031-54531-3_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-54530-6
Online ISBN: 978-3-031-54531-3
eBook Packages: Computer ScienceComputer Science (R0)