CASE STUDY ON

“Domain Name System (DNS)”

Submitted By:

Ritish Chauhan, UID- 24MCA20305

Under The Guidance of:

Dr. Abdullah

OCTOBER, 2024

University Institute of Computing

Chandigarh University,
Mohali, Punjab

1
 CERTIFICATE

This is to certify that Ritish Chauhan (UID- 24MCA20305) have successfully

completed CASE STUDY title “Domain Name System” at University Institute of
Computing under my supervision and guidance in the fulfilment of requirements of
first semester, Master of Computer Applications. Of Chandigarh University,
Mohali, Punjab.

______________________ ______________________

Dr. Abdullah Dr. Abdullah

Head of the Department Project Guide Supervisor

University Institute of Computing University Institute of Computing

2
 ACKNOWLEDGEMENT

I wish to express my sincere thanks to my project guide, Dr. Abdullah, for his
guidance and support throughout the completion of this project. His insightful
suggestions helped me refine the project scope and encouraged me to delve deeper
into the subject matter.
I also want to extend my gratitude to Dr. Abdullah (HOD, University Institute of
Computing) for providing an academic atmosphere conducive to learning. Finally,
I would like to thank my friends and family for their unwavering support throughout
this project.

Date:22.10.2024

Place: Chandigarh University, Mohali, Punjab

Ritish Chauhan, UID- 24MCA20305

3
 ABSTRACT

The DNS is a very critical component of the infrastructure of the internet; it acts as a two-
way translator that converts user-friendly names of domains into the readability of machine-
made IP addresses. By thus having a hierarchical naming system, one can acquire access to
sites and internet services by only remembering domain names instead of the more
complicated numerical addresses. DNS is necessary for internet communication in that it
translates domain names into corresponding IP addresses, hence, ensuring that traffic flows
to the right place quite smother and more effectively.

This DNS infrastructure consists of a distributed hierarchy of servers, namely root, top-level
domain servers, authoritative servers, and recursive resolvers. When the end user types in
the domain name into a browser, the browser actually sends a query for the DNS. Before
this query goes out, though, it checks its cache to see if it has that IP address. If the cache
does not contain the answer, it will go down the DNS hierarchy to seek authoritative servers
that can provide the answer to that domain name. The authoritative server then returns this
IP address to the resolver, who in turn passes it on to the browser.

DNS is also vulnerable to a wide range of security threats, which include DNS poisoning,
DNS amplification attacks, and DNS tunneling. In light of such risks, a number of security
measures have been implemented to address these problems. Some of the most significant
of these measures include DNS Security Extensions (DNSSEC), which provide
cryptographic authentication and integrity to the DNS data.

The advances in the internet will continue to affect DNS, and it shall adapt to new
challenges and opportunities. The near-future trends include increasing automation and
orchestration of DNS operation activities, better security for DNS, integration of DNS with
other internet technologies, and new styles of domain names.

4
 TABLE OF CONTENTS
Introduction
i What is DNS?
ii Importance of DNS in the internet infrastructure 6-8
iii Brief history of DNS
iv DNS architecture and components
DNS Functions and Processes
i Name resolution process
ii DNS query and response 8-9
iii DNS record types (A, CNAME, MX, etc.)
iv DNS caching and performance optimization
DNS Security
i DNS threats and vulnerabilities (DNS poisoning, amplification
attacks, tunnelling) 9-11
ii DNS Security Extensions (DNSSEC)
iii DNSSEC implementation and benefits
iv Other DNS security measures (DNS filtering, rate limiting)
DNS and Internet of Things (IoT)
i Unique challenges and opportunities for DNS in IoT environments
ii DNS protocols and standards for IoT devices 11-
iii DNS security considerations for IoT 13
iv IoT-specific DNS services and applications

Future Trends and Developments

i DNS automation and orchestration
ii DNS integration with other network technologies (IPv6, NFV) 13-14
iii DNS and emerging internet applications (Web3, Metaverse)
iv DNS research and advancements
Case Studies and Examples
i Real-world DNS incidents and case studies
15-16
ii Successful DNS deployments and best practices
iii DNS-related research projects and academic papers
Conclusion 16
References 17

5
 Introduction
The Domain Name System or DNS is basically one of the integral parts of the internet
infrastructure, and it acts as a critical translator from human-readable domain names, like
[invalid URL removed], to machine-interpretable IP addresses, like 192.168.1.1. Thanks to
this hierarchical naming system, it was made possible to access sites and online services by
simple typing-in of memorable domain names instead of complicated numerical addresses.
DNS plays a very important role by solving the names of the domains with their respective
IP addresses so that internet communication takes a correct path and reaches to the
destination in a very efficient and reliable manner. DNS acts as a distributed database
which contains information about different domain names and their respective IP
addresses. It is a hierarchical, structured domain, with the top-level domains such as .com,
.net, .org, etc., followed by the country-code TLDs and so on to subdomains down to the
lowest level. When a user types any domain name in his browser, it sends out a DNS query
to a local recursive resolver. Now, the resolver will try to look for that IP address in its
cache. In case it cannot find the IP it looks up in the DNS authority server hierarchy until it
finds the authoritative server that holds the details of that domain name. The authoritative
server returns the IP to the resolver, which then passes the details on to the browser.

DNS is the backbone of internet services; it allows people to go freely and easily on the
internet, share online resources, and thus provides infrastructure for a number of internet
applications, such as mail, web hosting, and cloud computing.

What is DNS
A distributed database for the storage of information about domain names and their
corresponding IP addresses is called the Domain Name System (DNS). Essentially, it is a
global phonebook that enables different devices to find each other and communicate
effectively.
When you enter a domain name in your browser such as "example.com", a DNS query is
forwarded to a local recursive resolver.
This resolver checks its cache for the IP address assigned to "example.com." It has no
choice but to pass it off to a series of DNS servers, starting at the root server and going
down them in sequence all the way down to one that it can relay that query to the
authoritative server for "example.com." The authoritative server returns that IP address to
the resolver, which then supplies it to the browser. In fact, DNS is central to enabling the
internet to work. Without it, users would have to remember and then type in long strings of
numbers abbreviated as IP addresses to access a particular website. DNS makes the internet
user-friendly and accessible.

6
Importance of DNS in the internet infrastructure
The Domain Name System, DNS, constitutes part of the internet infrastructure. It works as
a translator to make human-readable domain names into machine-interpretable IP
addresses. Such an infrastructure is crucial for the guaranteed operation of the internet
without major hitch, optimized routing, load balancing, and failover processes. DNS also
enhances user access, where the user can login to a website or any online service using
names of domains instead of IP addresses that are normally cumbersome. DNS plays a big
role in the security protocols, such as DNSSEC, that ensure prevention of some attacks on
DNS and also keep safe data on the DNS. DNS, in short, is the backbone of the Internet that
presents users with accessible sites for achieving convenience and security while getting
information online.

Brief history of DNS

On the other hand, the DNS has a relatively small time history as compared to the internet,
which was long and storied. Its conception arose from growing needs for having a more
user-friendly and efficient way of accessing resources on the early internet.

It was still in its cradle during the early 1980s. Accessing a website called for remembering
a long string of numbers called an IP address or, more frequently, typing it in-that was
clumsy and error-prone. Enter Paul Mockapetris at the University of California, Los
Angeles (UCLA) who in 1983 became the creator of the DNS. The growth was extremely
fast, and then it became really an essential element in the infrastructure of the internet. And
since then, DNS has continued to evolve with new features and new protocols which have
improved performance, security, and scalability of the system. Today, DNS has emerged as
the backbone of the Internet, providing easy access to millions of websites and services
available on the web.

DNS Architecture and Components

The Domain Name System, or DNS, is a distributed system of a hierarchy of servers. Such
servers work together to take a domain name and reveal the corresponding IP address so
that different devices on the internet can communicate with each other.

These would typically consist of the following elements in the DNS structure:
Root Servers: The top-level servers have all the information for the root zone of the DNS
namespace. There are 13 root servers spread all over the globe, operated in different
organizations.

7
TLD Servers These operate specific TLDs like .com, .net, .org, and country-code TLDs.
They keep records of the authoritative servers for the domains within their specific TLDs.
Authoritative Servers These servers can be said to solve domain names within some
domain zone. A server has a record of DNSs of domains and IP addresses.
Recursive resolvers: These are typically installed on end-user devices or network
infrastructure and collect answers from authoritative servers to respond to DNS requests.
They cache the domain name resolved and its actual IP addresses for better efficiency. This
query process initiates when a device owned by a user sends that query to the closest
recursive resolver. The recursive resolver checks for the proper IP address in the cache. If it
is not found in cache, it sends the query on to the authoritative servers up the hierarchical
hierarchy. The authoritative server sends back the IP address to the resolver, which then
sends it on to the device owned by the user.

DNS Functions and Processes

Name resolution process
This process then takes the otherwise human-readable domain name and makes it into a
machine-readable IP address. Here, a local recursive resolver is already in place, which had
been queried by a user who had just inputted a domain name to a web browser. A DNS
query therefore is a request by a client, such as a web browser, to a DNS server with a
request to resolve a domain name. It includes the name of the domain and also includes
information being sought; such as an A record for an IP address or MX record for a mail
server. It processes this by conducting a search in its database for the information being
requested and returns such information back to the client in response. Response should
read as either that requested information or else an error message showing that the domain
name could not be resolved.

DNS query and response

A DNS query is essentially the request that the client-most probably a web browser-will
send over to a DNS server to request the resolution of a domain name. It mainly consists of
a domain name and the type of information requested-for example, an A record for an IP
address or an MX record for a mail server. The server then processes the query and is going
to search its database for any information which corresponds to the query and then return
the result to the client. This may even have the required information or even an error
message if the domain name can't be resolved.
DNS record types
Different DNS record types are supported; here, each has its specific use:

A record maps a domain name to an IPv4 address.

AAAA records associate a domain with a version-6 IPv6 address.

8
CNAME Record: An alias of another domain name.
MX Record: specifies the exchange servers for mail available for your domain.
TXT Record: It contains any text data relating to a domain.
NS Record: This specifies the authoritative name servers for a domain. SRV Record: It
indicates which server provides a specific service for a given domain.

DNS caching and performance optimization

DNS caching relies on the resolved domain names with their respective IP
addresses being stored locally or in a network cache to make it more effective.
After receiving a query, it checks its own cache if the requested information is
already there. If it finds that the requested information is already cached, it returns
the cache results without contacting authoritative servers. This results in a drastic
fall in query latency and also enhances the overall performance of the internet.

Most of these implementations happen at the level of local resolvers, network

routers, and content delivery networks (CDNs). Proper deployment of caching
will be ensured by DNS to optimize network traffic and off-load DNS servers.

DNS Security
DNS security forms an essential part of internet infrastructure as, though DNS determines
and plays a crucial role in routing traffic, it maintains the integrity of online
communication. However, several security vulnerabilities make DNS susceptible to a
threat that can compromise internet services and their security.

DNS Threats and vulnerabilities

DNS is a very crucial component of internet infrastructure but highly susceptible to diverse
security threats that can jeopardize the reliability and security of DNS in use. The most
common DNS threats and vulnerabilities include the following:

DNS Poisoning: Hackers can alter DNS records in such a way that users are redirected to
cybercrime destinations or servers. The user may, under such a scenario, lose sensitive
information, experience the download of malware, phishing attacks, etc.

DNS Amplification Attacks: This type of attack sends a massive traffic flow used in denial-
of-service attacks against systems from the DNS resolvers.

DNS Tunnelling : Hackers make use of DNS for exfiltrating data or even creating secret
channels of communication.

9
DNS Cache Poisoning: An attacker can insert malicious DNS records in the cache of a
recursive resolver. This makes it to get domain name resolutions incorrect.

DNS Hijacking: This attacker may intercept the DNS traffic and redirect it to some
unsuitable server.

DNS Tunnelling: The attacker uses the DNS protocol as a tunnelling mechanism by other
protocols.

DNS Security Extensions

DNS Security Extensions, or DNSSEC, typically refer to a collection of protocols and
algorithms, most commonly cryptographic authentication and integrity for DNS data. It
basically provides such security that in transmission, the DNS records were not
compromised or changed in any way, and therefore it acts as a protection against poisoning
attacks or such attacks.

It uses digital signatures for authenticating the DNS records. The reply generated by
authoritative server on receiving the query for the DNS includes the DNS record and
digital signature. The resolver, at the other end, can verify it using the public key of the
authoritative server. Once proved to be valid, the resolver relies upon the authenticity of the
DNS record.

DNSSEC implementation and benefits

The implementation of DNSSEC is challenging because it occurs at different layers of
DNS infrastructure. Nevertheless, the strengths of DNSSEC far outweigh its weaknesses.
Some of the most significant advantages of DNSSEC are summarized as follows:

DNS poisoning protection: With DNSSEC, DNS records are protected from alteration in
transit so that an attacker cannot redirect a user to some nefarious web sites.
Added security: DNSSEC can also prove to be a deterrent or a preventive measure against
other forms of DNS attacks such as DNS tunnelling and DNS hijacking.
Increasing confidence among users: With DNSSEC in place, users will have increased
confidence on the internet because it will enable assurance to them that websites or any
type of online service would be authentic.
Compliance: There is a strong likelihood that organizations will be forced to deploy
DNSSEC based on requirements of some industries or even any kind of regulatory
compliance.

Other DNS security measures

Apart from DNSSEC, there are quite a few other security measures that can safeguard the
DNS infrastructure. There are some of them,

DNS Filtering: This is for filtering malicious or unwanted access to certain websites.
This could place rate limiting on how many DNS requests one client can make in one go
that can prevent an amplification attack on DNS.

10
Validating DNSSEC signatures: an implementing recursive resolver that begins to
implement DNSSEC validation will validate the DNS records as authentic and valid.
DNS Encryption: Protocols such as DoH and DoT, which encrypt the DNS protocol, may
avoid interception of the queries and responses of the DNS.
DNS Monitoring and Threat Detection: It continuously monitors DNS traffic; so
mechanisms for threat detection are provided to alert possible security incidents so that
timely action is taken.

DNS and Internet of Things (IoT)

Unique Challenges and opportunities for DNS in IoT

Internet of Things technology poses distinctive challenges for the DNS. The growing
numbers of IoT devices are going to imply an ever-increasing requirement for efficient,
scalable DNS services that support these discovery and communications as well as
management.

Challenges:

Mass deployment: This would strain existing DNS infrastructure at scale, requiring
scalable and efficient solutions.
Heterogeneity: The shapes and sizes of different IoT devises can be varied based on the
variance in capabilities and requirements. Here, it is always difficult to ensure that such
heterogeneity assures a unified DNS.
Security: It is well known that most of the IoT devices are prone to security threats. Here,
DNS has a definite role ensuring that the attacks do not succeed.
Dynamic nature: The devices may be having dynamic IP addresses or a constantly
changing topology of the network, which can make it difficult for DNS to trace their
whereabouts.

Opportunities:

Management: DNS allows the IoT devices to be managed easily through remote
configurations, updates, and monitoring of devices.
Security: DNS can manage and safeguard IoT devices from security attacks in the form of
poisoning of DNS cache or amplification attacks.

11
New application: DNS can be used to offer new applications and services related to IoT,
such as smart home and smart city and industrial automation.
Scalability: DNS is scalable hence capable of catering for a more and more massive
number of IoT devices so that each could be situated and communicated with easily.

DNS protocols and standards for IoT devices

In terms of DNS protocols and standards, several were developed or borrowed to meet the
specific challenges and opportunities provided by IoT. The most significant ones are:

DNS over HTTPS (DoH): It encrypts the DNS queries along with their corresponding
responses mainly to provide IoT with additional security.

DNS over TLS: Similar to DoH, DNS queries and responses are encrypted in DoT using
TLS.

DNSSEC provides the ability to authenticate DNS records; it is one step closer toward
preventing DNS poisoning attacks and has ensured DNS data integrity.

DNS64: This is the ability of IPv6 devices to interface their name resolution over IPv4
DNS to IPv6 networks.

DNS-SD or Service Discovery: This other protocol enables the discovering of the services
available on a network, and, therefore is very valuable for many IoT applications.

DNS security considerations for IoT

The perspective of security threats makes the IoT vulnerable. In terms of DNS, this is a
humongous issue because DNS plays pivotal importance in the sense of defending the
devices from such attack and protects them. Some of the key DNS security issues,
following in the context of IoT, are as below: DNSSEC: DNSSEC authenticates the DNS
data and prevents IoT devices from possible DNS poisoning attacks.
DNS Encryption: There could also be encryption of the DNS queries and responses against
snooping by encrypted DNS protocols such as DoH or DoT.
DNS Filtering: The installed DNS filtering will block unwanted websites and websites
even marked as malicious.
DNS Monitoring and Threat Detection: Its ability allows monitoring of all activity,
including DNS traffic, in real time with mechanisms for threats such as alerting in case of
the possibility of security incidents.

12
IoT-specific DNS services and applications
In this respect, several IoT-specific DNS services and applications emerge to address
specific aspects of challenges and opportunities that IoT brings along. Some even could
come up with benefits like easy management of devices, enhanced security, and
scalability. A few of them are as follows.
IoT specific DNS resolvers: IoT optimizes the management of query generations by
multiple devices.
DNS-based device provisioning: Devices can be remotely configured and programmed
using DNS with the required configuration information.
DNS-based service discovery: DNS-SD can be used to allow auto-discovery for different
IoT devices or nodes.
DNS-based security solutions: There are DNS-based security solutions as well that can give
protection to the IoT devices from all kinds of security threats.

Future Trends and Developments

DNS automation and orchestration

With the growth in the number and level of DNS infrastructures, the need for
organizations to utilize automated tools and platforms able to control DNS
operations is increasing. DNS automation and orchestration hence reduce
cumbersome manual work, boost efficiency, and help reduce security issues. A
few examples of DNS automation and orchestration tools include but are not
limited to:

DNS Management Platforms: A central platform through which zones, records, as

well as policies may be accessed for management.

DNS Automation Tools: So many mundane tasks around DNS can be automated
with such tools, including the creation, updation, and deletion of DNS records.

DNS Orchestration Tools Orchestrate DNS operations across multiple DNS server
installations and networks.

DNS integration with other network technologies

DNS is highly being integrated with other networking technologies to get interoperability
and efficient performance. Some of them are as follows:

IPv6: With the integration of communications between an IPv4 and IPv6 network in a
seamless manner, DNS is designed to make use of IPv6, which is the future internet
protocol.

13
Network Virtualization: DNS can be used for naming within virtualized networks to
achieve flexibility and scalability.
CDNs: By design depends on DNS to cache content from the nearest server of the CDN
and therefore accelerates the delivery of content.

DNS and emerging internet applications

DNS plays a key role in enabling new Internet applications, which include;

IoT: This is where DNS allows IoT devices to discover and identify themselves with each
other or with cloud-based services.

DNS is used in cloud service domain name resolution. It is essentially used to provide the
possibility of using such services using easily memorable URLs.

Virtual reality: DNS would resolve virtual world and experience-related services and
applications' domain names enabling users to access their own virtual reality constructs.

Web3: DNS is to enable and drive the decentralized web through direct access to content
and apps by users from the blockchain.

DNS research and advancements

Active research and development in DNS continue to be undergone to address

increasing internet demands while improving the efficiency, security, and
scalability of DNS services. Among some the research and development areas are
as follows:

Implementation of DNSSEC: Plan for DNSSEC adoption to enhance DNS data

security from DNS poisoning attacks and other exploitation techniques.

This includes new techniques and protocols under research to find a secure and
private DNS.

DNS Performance Enhancement: Scientists are currently working on several

approaches by which the performance of DNS can be improved, and some of
these approaches include new caching algorithms and enhancements over DNS
query routing.

Research is being done to merge DNS with other new technologies in the network
such as IPv6 and network virtualization to be able to improve interoperability
along with efficiency.

Naming Changes of Emergent Internet Applications The DNS is constantly

evolving to adapt to the emergent internet applications. The internet of things,
cloud computing, and virtual reality are some example.

14
 Case Studies and Examples

Real-world DNS incidents and case studies

It was the witness to many of the most known incidents and breaches of security in recent
years. This expresses the role played by security in the world of DNS and can be directly
associated with a couple of the effects of DNS vulnerability. Some examples of these
include:
Dyn DDoS Attack 2016: A huge DDoS attacked the DNS provider and completely locked
out access to websites, majoring online services like Twitter, Netflix, and Spotify.
DNS Hijacking Incidents Instances have been known where attackers, in sheer violation of
security protocols, take hold of a DNS server without authorization and divert the resultant
traffic towards malicious web pages.
DNS Cache Poisoning Attacks: The attacker abuses the weaknesses existing in the DNS
resolvers. She injects malicious DNS records into the cache; therefore, she sends the
victims to the wrong place-typically malicious websites.

Successful DNS deployments and best practise

The DNS solution is faster, more reliable, and secure than several organizations that have
implemented it. Implementation of DNS best practices include:

DNSSEC Deployment: It should be deployed as it will give protection of DNS poisoning

attacks to take place while offering prevention to DNS from falsification of data.
Monitoring of DNS: To ensure the threat of attack by malicious DNS, monitoring must be
continuous. And in addition to monitoring DNS traffic, security threats detection must be
set up.
DNS Redundancy and Failover. One of the reasons that DNS redundancy and failover
would fulfill the high availability requirement is because these employ redundancy in the
system itself along with failover mechanisms to ensure the provision of DNS services
where the DNS services continue from other systems in case of failures and outages in the
system.
DNS automation and orchestration: The use of automation and orchestration tools made
DNS management highly efficient and reliable.
DNS Security Best Practices Maintains DNS security best practices include having a strong
password and periodic updates of the DNS software; it should avoid any open or unpatched
vulnerabilities.

15
DNS-related research projects and academic papers
This includes for example research projects and academic papers on matters such as DNS
security, optimizing methods in DNS performance, or even a new DNS protocol or
standards. Here is just a long list of examples:

DNSSEC Research: There were several targeted research projects to better adopt and
implement DNSSEC.
Research in optimization of DNS performance: Good areas of research in this area include
new caching algorithms optimized for DNS query routing.
DNS Security Threats : Researchers have identified and developed countermeasures
against DNS security threats.
DNS Integration with Other Network Technologies: Integrating DNS with other network
technologies, such as IPv6 and network virtualization, is conducted in significant research.
The research was mainly focused on engineering DNS to support new applications of the
internet such as Internet of Things and cloud computing.

Conclusion
It is, therefore, one of the infrastructural components of the internet that cannot be
substituted: it basically just offers one of the most fundamental services: it translates
human-readable names into their counterparts in machine-interpretable IP addresses. As the
Internet continues to evolve and grow, DNS will remain a critical enabler of online
communications and services.
DNS is one of the primary enablers for efficiency as well as the safety of access to the
internet. On the positive side, DNS allows resources online to be readily accessed with
optimized network traffic to the user. On the negative side, DNS saves the users from all
sorts of security threats. DNS has become the most essential part of emerging applications
and services over the Internet. Some of these emerging applications and services include
Internet of Things, cloud computing, virtual reality, and many more.
DNS will evolve and develop itself in accordance with rapidly increasing demands over the
Internet. Strengthening of the DNS security, improvements in performance, and gradual
integration into other network technologies will be incorporated. Organisations will have
reliable, efficient, and secure Internet infrastructure by keeping themselves updated with
the latest trends and best practices in DNS.
Conclusion: This is the Domain Name System, serving as the founding pillar of the internet
and therefore providing basic services that enable the smooth running of online
applications and services. There is no exaggeration in terms of its role for ensuring a
seamless, effective, and safe internet experience.

16
 References
Books:

1. DNS: The Definitive Guide by Paul Albitz and Cricket Liu. O'Reilly Media, 2016.

2. DNS: The Domain Name System by Allain Duquesnoy. O'Reilly Media, 2007.

3. DNS: A Practical Guide by Robert Fink. Syngress, 2015.

Online Resources:

1. Internet Systems Organization (ISO): https://www.iso.org/home.html

2. American Registry for Internet Numbers (ARIN): https://www.arin.net/

3. Internet Corporation for Assigned Names and Numbers (ICANN):

https://www.icann.org/

4. RFC 1034: Domain Names - Concepts and Facilities:

https://datatracker.ietf.org/doc/html/rfc1034

5. RFC 1035: Domain Names - Implementation and Specification:

https://datatracker.ietf.org/doc/html/rfc1035

6. DNS Security Extensions (DNSSEC): https://cloud.google.com/dns/docs/dnssec

7. DNS over HTTPS (DoH):

8. https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/

17