No Time for Downtime: Understanding Post-Attack Behaviors by Customers of Managed DNS Providers

Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

2 Citations (Scopus)
193 Downloads (Pure)

Abstract

We leverage large-scale DNS measurement data on authoritative name servers to study the reactions of domain owners affected by the 2016 DDoS attack on Dyn. We use industry sources of information about domain names to study the influence of factors such as industry sector and website popularity on the willingness of domain managers to invest in high availability of online services. Specifically, we correlate business characteristics of domain owners with their resilience strategies in the wake of DoS attacks affecting their domains. Our analysis revealed correlations between two properties of domains – industry sector and popularity – and post-attack strategies. Specifically, owners of more popular domains were more likely to re-act to increase the diversity of their authoritative DNS service for their domains. Similarly, domains in certain industry sectors were more likely to seek out such diversity in their DNS service. For example, domains categorized as General News were nearly 6 times more likely to re-act than domains categorized as Internet Services. Our results can inform managed DNS and other network service providers regarding the potential impact of downtime on their customer portfolio.
Original languageEnglish
Title of host publicationProceedings of the 2022 Workshop on Traffic Measurements for Cybersecurity
Subtitle of host publication2022 IEEE European Symposium on Security and Privacy Workshops
PublisherIEEE
Pages322-331
Number of pages10
ISBN (Electronic)9781665495608
ISBN (Print)978-1-6654-9561-5
DOIs
Publication statusPublished - 27 Jun 2022
Event7th International Workshop on Traffic Measurements for Cybersecurity, WTMC 2022 - Genoa, Italy
Duration: 6 Jun 20226 Jun 2022
https://wtmc.info/index.html

Workshop

Workshop7th International Workshop on Traffic Measurements for Cybersecurity, WTMC 2022
Abbreviated titleWTMC'22
Country/TerritoryItaly
CityGenoa
Period6/06/226/06/22
Internet address

Keywords

  • Managed DNS
  • Availability
  • DDoS attack mitigation
  • Network management

Fingerprint

Dive into the research topics of 'No Time for Downtime: Understanding Post-Attack Behaviors by Customers of Managed DNS Providers'. Together they form a unique fingerprint.

Cite this