
Title: Characterization of Anycast Adoption in the DNS Authoritative Infrastructure
Anycast has proven to be an effective mechanism to enhance resilience in the DNS ecosystem and for scaling DNS nameserver capacity, both in authoritative and the recursive resolver infrastructure. Since its adoption for root servers, anycast has mitigated the impact of failures and DDoS attacks on the DNS ecosystem. In this work, we quantify the adoption of anycast to support authoritative domain name service for top-level and second-level domains (TLDs and SLDs). Comparing two comprehensive anycast census datasets in 2017 and 2021, with DNS measurements captured over the same period, reveals that anycast adoption is increasing, driven by a few large operators. While anycast offers compelling resilience advantage, it also shifts some resilience risk to other aspects of the infrastructure. We discuss these aspects, and how the pervasive use of anycast merits a re-evaluation of how to measure DNS resilience.
Authors:
Award ID(s):
1705050 1629973
Publication Date:
NSF-PAR ID:
10287364
Journal Name:
Network Traffic Measurement and Analysis Conference (TMA'21)
Sponsoring Org:
National Science Foundation
More Like this
  1. Anycast has proven to be an effective mechanism to enhance resilience in the DNS ecosystem and for scaling DNS nameserver capacity, both in authoritative and the recursive resolver infrastructure. Since its adoption for root servers, anycast has mitigated the impact of failures and DDoS attacks on the DNS ecosystem. In this work, we quantify the adoption of anycast to support authoritative domain name service for top-level and second-level domains (TLDs and SLDs). Comparing two comprehensive anycast census datasets in 2017 and 2021, with DNS measurements captured over the same period, reveals that anycast adoption is increasing, driven by a few large operators. While anycast offers compelling resilience advantage, it also shifts some resilience risk to other aspects of the infrastructure. We discuss these aspects, and how the pervasive use of anycast merits a re-evaluation of how to measure DNS resilience.
  2. The FLOSS ecosystem as a whole is a critical component of the world's computing infrastructure, yet not well understood. In order to understand it well, we need to measure it first. We, therefore, aim to provide a framework for measuring key aspects of the entire FLOSS ecosystem. We first consider the FLOSS ecosystem through the lens of a supply chain. The concept of a supply chain is the existence of a series of interconnected parties/affiliates each contributing unique elements and expertise so as to ensure a final solution is accessible to all interested parties. This perspective has been extremely successful in helping companies to cope with multifaceted risks caused by the distributed decision-making in their supply chains, especially as they have become more global. Software ecosystems, similarly, represent distributed decisions in supply chains of code and author contributions, suggesting that relationships among projects, developers, and source code have to be measured. We then describe a massive measurement infrastructure involving discovery, extraction, cleaning, correction, and augmentation of publicly available open-source data from version control systems and other sources. We then illustrate how the key relationships among the nodes representing developers, projects, changes, and files can be accurately measured, how to handle the absence of measures for user base in version control data, and, finally, illustrate how such measurement infrastructure can be used to increase knowledge resilience in FLOSS.
  3. Hohlfeld, O ; Moura, G ; Pelsser, C. (Ed.)
    While the DNS protocol encompasses both UDP and TCP as its underlying transport, UDP is commonly used in practice. At the same time, increasingly large DNS responses and concerns over amplification denial of service attacks have heightened interest in conducting DNS interactions over TCP. This paper surveys the support for DNS-over-TCP in the deployed DNS infrastructure from several angles. First, we assess resolvers responsible for over 66.2% of the external DNS queries that arrive at a major content delivery network (CDN). We find that 2.7% to 4.8% of the resolvers, contributing around 1.1% to 4.4% of all queries arriving at the CDN from the resolvers we study, do not properly fall back to TCP when instructed by authoritative DNS servers. Should a content provider decide to employ TCP-fallback as the means of switching to DNS-over-TCP, it faces the corresponding loss of its customers. Second, we assess authoritative DNS servers (ADNS) for over 10M domains and many CDNs and find some ADNS, serving some popular websites and a number of CDNs, that do not support DNS-over-TCP. These ADNS would deny service to (RFC-compliant) resolvers that choose to switch to TCP-only interactions. Third, we study the TCP connection reuse behavior of DNS actors and describe a race condition in TCP connection reuse by DNS actors that may become a significant issue should DNS-over-TCP and other TCP-based DNS protocols, such as DNS-over-TLS, become widely used.
  4. IP anycast is used for services such as DNS and Content Delivery Networks (CDN) to provide the capacity to handle Distributed Denial-of-Service (DDoS) attacks. During a DDoS attack service operators redistribute traffic between anycast sites to take advantage of sites with unused or greater capacity. Depending on site traffic and attack size, operators may instead concentrate attackers in a few sites to preserve operation in others. Operators use these actions during attacks, but how to do so has not been described systematically or publicly. This paper describes several methods to use BGP to shift traffic when under DDoS, and shows that a response playbook can provide a menu of responses that are options during an attack. To choose an appropriate response from this playbook, we also describe a new method to estimate true attack size, even though the operator's view during the attack is incomplete. Finally, operator choices are constrained by distributed routing policies, and not all are helpful. We explore how specific anycast deployment can constrain options in this playbook, and are the first to measure how generally applicable they are across multiple anycast networks.
  5. Natural disasters, such as the 2017 hurricanes Irma and María, the 2020 earthquakes in Puerto Rico and the ongoing COVID-19 pandemic, affect students in many aspects including economic, socio-emotional, and academic performance progress. To ensure that students can cope with the aftermath of such searing events, it is necessary to develop initiatives that address these three aspects. Satisfying the financial need is essential, but a long-term solution is mandatory. Hence, providing socio-emotional and academic support and cultivating a sense of purpose are critical to prevent attrition. To secure continued STEM success among students affected by natural disasters, the National Science Foundation has funded several projects at the University of Puerto Rico, a Hispanic Serving Institution. This manuscript presents four NSF-funded projects sharing the common goal of providing support to STEM students to ensure that they succeed despite the said challenges. The first project, titled Nanotechnology Center for Biomedical, Environmental and Sustainability Application, leans heavily on research teams dedicated to design new Nanotechnology platforms to address biomedical and environmental challenges and simultaneously trains a new generation of nanoengineers and nanoscientists throughout the educational echelon starting from public intermediate schools through doctoral programs. The second project, entitled Ecosystem to Expand Capabilities and Opportunities for STEM-Scholars (EECOS), developed an integrated framework that provides support to 62 low-income, talented, STEM students who were severely affected by Hurricane María and the 2019-2020 earthquakes (58 undergraduate and 4 graduate). The project provided participants with financial, academic, socio-emotional, and career motivation support needed to complete their programs. The third project, Program for Engineering Access, Retention, and LIATS Success (PEARLS), addresses college access and economic hardships of Low-Income Academically Talented Students (LIATS). It aims at increasing the retention and academic success of talented engineering students coming from economically disadvantaged families. The fourth project, Resilient Infrastructure and Sustainability Education – Undergraduate Program (RISE-UP), has developed an interdisciplinary curriculum to educate cadres of Hispanic students on infrastructure resilience to temper and to overcome the effects of such natural disasters. Three campuses of this institution system collaborate in this interdisciplinary undertaking. Participating students are pursuing undergraduate degrees in engineering, architecture, and surveying; they take the entailed courses together and participate in co-curricular activities (both online and in-person through site visits). The new curricular endeavor prepares them to design infrastructure that can withstand the impact of natural events. The expected outcome is to form cohorts of graduates ready to take on real-life infrastructure failures caused by disasters and provide them with an edge in their future professions. The present work provides a range of scalable and portable strategies that universities with underrepresented minorities in STEM programs could deploy to address the immediate and continued needs of students affected by natural disasters to secure academic success. These strategies can contribute to the development of professionals with the skills and experience to deal with severe circumstances such as those caused by natural disasters as well as the preparation to solve infrastructure challenges.