Next Article in Journal
Information Spread across Social Network Services with Non-Responsiveness of Individual Users
Next Article in Special Issue
Toward a Sustainable Cybersecurity Ecosystem
Previous Article in Journal
Addressing Bandwidth-Driven Flow Allocationin RINA
Previous Article in Special Issue
Possibilities of Electromagnetic Penetration of Displays of Multifunction Devices

Privacy-Preserving Passive DNS

School of Computing Edinburgh Napier University, Edinburgh EH10 5DT, UK
Department of Information Security and Communication Technology, Norwegian University of Science and Technology, 2815 Gjøvik, Norway
Faculty of Pure and Applied Sciences, Open University of Cyprus, 2220 Latsia, Cyprus
Authors to whom correspondence should be addressed.
Computers 2020, 9(3), 64;
Received: 14 July 2020 / Revised: 7 August 2020 / Accepted: 9 August 2020 / Published: 12 August 2020
(This article belongs to the Special Issue Feature Paper in Computers)
The Domain Name System (DNS) was created to resolve the IP addresses of web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global DNS infrastructure to malicious actors. The passive DNS data collection process creates a database containing various DNS data elements, some of which are personal and need to be protected to preserve the privacy of the end users. To this end, we propose the use of distributed ledger technology. We use Hyperledger Fabric to create a permissioned blockchain, which only authorized entities can access. The proposed solution supports queries for storing and retrieving data from the blockchain ledger, allowing the use of the passive DNS database for further analysis, e.g., for the identification of malicious domain names. Additionally, it effectively protects the DNS personal data from unauthorized entities, including the administrators that can act as potential malicious insiders, and allows only the data owners to perform queries over these data. We evaluated our proposed solution by creating a proof-of-concept experimental setup that passively collects DNS data from a network and then uses the distributed ledger technology to store the data in an immutable ledger, thus providing a full historical overview of all the records. View Full-Text
Keywords: passive DNS (Domain Name System); privacy-preserving; distributed ledger; blockchain; hyperledger fabric; private data collection passive DNS (Domain Name System); privacy-preserving; distributed ledger; blockchain; hyperledger fabric; private data collection
Show Figures

Figure 1

MDPI and ACS Style

Papadopoulos, P.; Pitropakis, N.; Buchanan, W.J.; Lo, O.; Katsikas, S. Privacy-Preserving Passive DNS. Computers 2020, 9, 64.

AMA Style

Papadopoulos P, Pitropakis N, Buchanan WJ, Lo O, Katsikas S. Privacy-Preserving Passive DNS. Computers. 2020; 9(3):64.

Chicago/Turabian Style

Papadopoulos, Pavlos, Nikolaos Pitropakis, William J. Buchanan, Owen Lo, and Sokratis Katsikas. 2020. "Privacy-Preserving Passive DNS" Computers 9, no. 3: 64.

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

Back to TopTop