Liang Wang, Hyojoon Kim, Prateek Mittal, Jennifer Rexford (Princeton University)

In conventional DNS, or Do53, requests and responses are sent in cleartext. Thus, DNS recursive resolvers or any on-path adversaries can access privacy-sensitive information. To address this issue, several encryption-based approaches (e.g., DNS-over-HTTPS) and proxy-based approaches (e.g., Oblivious DNS) were proposed. However, encryption-based approaches put too much trust in recursive resolvers. Proxy-based approaches can help hide the client’s identity, but sets a higher deployment barrier while also introducing noticeable performance overhead. We propose PINOT, a packet-header obfuscation system that runs entirely in the data plane of a programmable network switch, which provides a lightweight, low-deployment-barrier anonymization service for clients sending and receiving DNS packets. PINOT does not require any modification to the DNS protocol or additional client software installation or proxy setup. Yet, it can also be combined with existing approaches to provide stronger privacy guarantees. We implement a PINOT prototype on a commodity switch, deploy it in a campus network, and present results on protecting user identity against public DNS services.

View More Papers

LaKSA: A Probabilistic Proof-of-Stake Protocol

Daniel Reijsbergen (Singapore University of Technology and Design), Pawel Szalachowski (Singapore University of Technology and Design), Junming Ke (University of Tartu), Zengpeng Li (Singapore University of Technology and Design), Jianying Zhou (Singapore University of Technology and Design)

Read More

Screen Gleaning: Receiving and Interpreting Pixels by Eavesdropping on...

Zhuoran Liu, Léo Weissbart, Dirk Lauret (Radboud University)

Read More

Towards Defeating Mass Surveillance and SARS-CoV-2: The Pronto-C2 Fully...

Gennaro Avitabile, Vincenzo Botta, Vincenzo Iovino, and Ivan Visconti (University of Salerno)

Read More

Data Poisoning Attacks to Deep Learning Based Recommender Systems

Hai Huang (Tsinghua University), Jiaming Mu (Tsinghua University), Neil Zhenqiang Gong (Duke University), Qi Li (Tsinghua University), Bin Liu (West Virginia University), Mingwei Xu (Tsinghua University)

Read More