TXTing 101: Finding Security Issues in the Long Tail of DNS TXT Records

Olivier van der Toorn, Roland van Rijswijk-Deij, Tobias Fiebig, Martina Lindorfer, Anna Sperotto

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

8 Citations (Scopus)
217 Downloads (Pure)

Abstract

The DNS TXT resource record is the one with the most flexibility for its contents, as it is a largely unstructured. Although it might be the ideal basis for storing any form of text-based information, it also poses a security threat, as TXT records can also be used for malicious and unintended practices. Yet, TXT records are often overlooked in security research. In this paper, we present the first structured study of the uses of TXT records, with a specific focus on security implications. We are able to classify over 99.54% of all TXT records in our dataset, finding security issues including accidentally published private keys and exploit delivery attempts. We also report on our lessons learned during our large-scale, systematic analysis of TXT records.
Original languageEnglish
Title of host publication2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Place of PublicationPiscataway, NJ
PublisherIEEE
Pages544-549
Number of pages6
ISBN (Electronic)978-1-7281-8597-2
ISBN (Print)978-1-7281-8598-9
DOIs
Publication statusPublished - Sept 2020
Event5th International Workshop on Traffic Measurements for Cybersecurity, WTMC 2020 - Genoa, Italy
Duration: 7 Sept 20207 Sept 2020
Conference number: 5

Conference

Conference5th International Workshop on Traffic Measurements for Cybersecurity, WTMC 2020
Abbreviated titleWTMC
Country/TerritoryItaly
CityGenoa
Period7/09/207/09/20

Keywords

  • DNS
  • Security
  • Measurement
  • Classification
  • Cybersecurity

Fingerprint

Dive into the research topics of 'TXTing 101: Finding Security Issues in the Long Tail of DNS TXT Records'. Together they form a unique fingerprint.

Cite this