Abstract
The DNS TXT resource record is the one with the most flexibility for its contents, as it is a largely unstructured. Although it might be the ideal basis for storing any form of text-based information, it also poses a security threat, as TXT records can also be used for malicious and unintended practices. Yet, TXT records are often overlooked in security research. In this paper, we present the first structured study of the uses of TXT records, with a specific focus on security implications. We are able to classify over 99.54% of all TXT records in our dataset, finding security issues including accidentally published private keys and exploit delivery attempts. We also report on our lessons learned during our large-scale, systematic analysis of TXT records.
Original language | English |
---|---|
Title of host publication | 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) |
Place of Publication | Piscataway, NJ |
Publisher | IEEE |
Pages | 544-549 |
Number of pages | 6 |
ISBN (Electronic) | 978-1-7281-8597-2 |
ISBN (Print) | 978-1-7281-8598-9 |
DOIs | |
Publication status | Published - Sept 2020 |
Event | 5th International Workshop on Traffic Measurements for Cybersecurity, WTMC 2020 - Genoa, Italy Duration: 7 Sept 2020 → 7 Sept 2020 Conference number: 5 |
Conference
Conference | 5th International Workshop on Traffic Measurements for Cybersecurity, WTMC 2020 |
---|---|
Abbreviated title | WTMC |
Country/Territory | Italy |
City | Genoa |
Period | 7/09/20 → 7/09/20 |
Keywords
- DNS
- Security
- Measurement
- Classification
- Cybersecurity