Magaña Lizarrondo, Eduardo

Profile Picture

Email Address

person.page.identifierURI

https://academica-e.unavarra.es/handle/2454/49486

Birth Date

Job Title

Last Name

Magaña Lizarrondo

First Name

Eduardo

person.page.departamento

Ingeniería Eléctrica, Electrónica y de Comunicación

person.page.instituteName

ISC. Institute of Smart Cities

ORCID

0000-0002-6851-3414

person.page.observainves

88546

person.page.upna

2199

Name

Filters

20211
Reset filters

Settings

Subject: DNS cache ×

Search Results

Now showing 1 - 1 of 1
  • Thumbnail Image
    PublicationOpen Access
    On the reduction of authoritative DNS cache timeouts: detection and implications for user privacy
    (Elsevier, 2021) Hernández Quintanilla, Tomás; Magaña Lizarrondo, Eduardo; Morató Osés, Daniel; Izal Azcárate, Mikel; Ingeniaritza Elektrikoa, Elektronikoaren eta Telekomunikazio Ingeniaritzaren; Institute of Smart Cities - ISC; Ingeniería Eléctrica, Electrónica y de Comunicación
    The domain name system (DNS) is an Internet network service that is used by hosts to resolve IP addresses from symbolic names. This basic service has been attacked and abused many times, as it is one of the oldest and most vulnerable services on the Internet. Some DNS resolvers conduct DNS manipulation, in which authoritative DNS responses are modified. This DNS manipulation is sometimes used for legitimate reasons (e.g., parental control) and other times is used to support malicious activities, such as DNS poisoning or data collection. Between these DNS manipulation activities, some Internet service providers (ISPs) are changing the DNS cache timeout of the DNS responses with which their DNS resolvers responded to obtain additional data about their subscribers. These data can be a detailed web browsing profile of the user. This approach does not require a large investment and can yield huge benefits if the information is used or sold. Therefore, user privacy is disputed. We conducted a study in which we analyse how ISPs use this DNS manipulation, propose a method for identifying this DNS manipulation by the end-user and determine the amount of information an ISP can collect by using it. We also developed a public web tool, for which the source code is available, that can help Internet users determine whether their privacy is being compromised by their ISP via the exploitation of DNS cache timeouts. This service can facilitate the collection of data on how many people are victims of this abuse and which ISPs around the world are utilizing this technique.