A Quantitative Method for Measuring Health of Authoritative Name Servers

Abstract

The domain name system (DNS) is regarded as one of the critical infrastructure components of the global internet because a large-scale DNS outage would effectively take a typical user offline. Therefore, the internet community should ensure that critical components of the DNS ecosystem—that is, root name servers, top-level domain registrars and registries, authoritative name servers, and recursive resolvers—function smoothly. To this end, the community should monitor them periodically and provide public alerts about abnormal behavior. The authors propose a novel quantitative approach for evaluating the health of authoritative name servers – a critical, core, and a large component of the DNS ecosystem. The performance is typically measured in terms of response time, reliability, and throughput for most of the internet components. This research work proposes a novel list of parameters specifically for determining the health of authoritative name servers: DNS attack permeability, latency comparison, and DNSSEC validation. The aim is to understand the general behavior of authoritative name servers, detect sluggishness in their performance, and arrive at a score of their health through the aforesaid parameters. The effectiveness of identified parameters is evaluated by devising the corresponding probing algorithms and experimented with them among the authoritative name servers serving the world’s top 500 domains. This approach could be used periodically to assess and take necessary measures to protect authoritative domain name servers from abuse. © © 2022, IGI Global.