Go to IMC 2021 homepageHome is where the hijacking is: understanding DNS interception by residential routers
Abstract: DNS interception --- when a user's DNS queries to a target resolver are intercepted en route and forwarded to a different resolver --- is a phenomenon of concern to both researchers and Internet users because of its implications for security and privacy. While the prevalence of DNS interception has received some attention, less is known about where in the network interception takes place. We introduce methods to identify where DNS interception occurs and who the interceptors may be. We identify when interception is performed before the query exits the ISP, and even when it is performed by the Customer Premises Equipment (CPE) in the user's own home. We believe that these techniques are vital in the light of the ongoing debate concerning the value of privacy-enhancing DNS transport.
0 Replies
Loading