You are here

DNS to the rescue: Discerning Content and Services in a Tangled Web

TitleDNS to the rescue: Discerning Content and Services in a Tangled Web
Publication TypeConference Paper
Year of Publication2012
AuthorsBermudez, I N., M. Mellia, M. M. Munafo', R. Keralapura, and A. Nucci
Conference NameInternet Measurement Conference 2012
Date Published11/2012
PublisherACM
Conference LocationBoston, MA
ISBN Number978-1-4503-1705-4
KeywordsDNS, mPlane, passive measurement, WP2
Abstract

A careful perusal of the Internet evolution reveals two major trends - explosion of cloud-based services and video stream- ing applications. In both of the above cases, the owner (e.g., CNN, YouTube, or Zynga) of the content and the organiza- tion serving it (e.g., Akamai, Limelight, or Amazon EC2) are decoupled, thus making it harder to understand the associ- ation between the content, owner, and the host where the content resides. This has created a tangled world wide web that is very hard to unwind, impairing ISPs’ and network administrators’ capabilities to control the traffic flowing in their networks.

In this paper, we present DN-Hunter, a system that lever- ages the information provided by DNS traffic to discern the tangle. Parsing through DNS queries, DN-Hunter tags traf- fic flows with the associated domain name. This association has several applications and reveals a large amount of use- ful information: (i) Provides a fine-grained traffic visibility even when the traffic is encrypted (i.e., TLS/SSL flows), thus enabling more effective policy controls, (ii) Identifies flows even before the flows begin, thus providing superior net- work management capabilities to administrators, (iii) Un- derstand and track (over time) different CDNs and cloud providers that host content for a particular resource, (iv) Discern all the services/content hosted by a given CDN or cloud provider in a particular geography and time interval, and (v) Provides insights into all applications/services run- ning on any given layer-4 port number.

We conduct extensive experimental analysis and show re- sults from real traffic traces (including FTTH and 4G ISPs) that support our hypothesis. Simply put, the information provided by DNS traffic is one of the key components re- quired for understanding the tangled web, and bringing the ability to effectively manage network traffic back to the op- erators. 

URLhttp://dl.acm.org/citation.cfm?id=2398776.2398819&coll=DL&dl=GUIDE&CFID=225051145&CFTOKEN=42401286
DOI10.1145/2398776.2398819
Citation KeyBer2012
Refereed DesignationRefereed
Project year: 
First year
WP(s) associated with the paper: 
WP2 - Programmable Probes
Partner(s) associated with the paper's author(s): 
Politecnico di Torino
Is this an OFFICIALLY supported mPlane paper?: 
Yes
Attachment: