Who Is Answering My Queries - Understanding and Characterizing Interception of the DNS Resolution Path

Explore a comprehensive analysis of DNS interception in this 20-minute conference talk from USENIX Security '18. Delve into the hidden risks of DNS resolution path interception, known as DNSIntercept, where on-path devices spoof IP addresses of user-specified DNS servers. Learn about novel detection approaches applied to over 148,000 residential and cellular IP addresses worldwide. Discover alarming findings, including the prevalence of DNS interception in 8.5% of examined ASes, even among major providers like China Mobile. Gain insights into the security implications of intercepting DNS servers using outdated software and lacking crucial security features such as DNSSEC support. Understand the scope, characteristics, and potential privacy and security issues surrounding on-path DNS interception, and consider possible solutions to address these concerns.

USENIX Security '18 - Who Is Answering My Queries: Understanding and Characterizing Interception...