Learn More
Since the inception of sensor networks, in-network processing has been touted as the enabling technology for long-lived deployments. Radio communication is the overriding consumer of energy in such networks. Therefore , data reduction before transmission, either by compression or feature extraction, will directly and significantly increase network lifetime.(More)
This paper examines the deployment of the DNS Security Extensions (DNSSEC), which adds cryptographic protection to DNS, one of the core components in the Internet infrastructure. We analyze the data collected from the initial DNSSEC deployment which started over 2 years ago, and identify three critical metrics to gauge the deployment: availability,(More)
Recently deployed Wireless Sensor Network systems (WSNs) are increasingly following <i>heterogeneous</i> designs, incorporating a mixture of elements with widely varying capabilities. The development and deployment of WSNs rides heavily on the availability of simulation, emulation, visualization and analysis support. In this work, we develop tools(More)
—The DNS Security Extensions (DNSSEC) are among the first attempts to deploy cryptographic protections in an Internet-scale operational system. DNSSEC applies well-established public key cryptography to ensure data integrity and origin authenticity in the DNS system. While the cryptographic design of DNSSEC is sound and seemingly simple, its development has(More)
After several IPv4 address exhaustion milestones in the last three years, it is becoming apparent that the world is running out of IPv4 addresses, and the adoption of the next generation Internet protocol, IPv6, though nascent, is accelerating. In order to better understand this unique and disruptive transition, we explore twelve metrics using ten(More)
—SecSpider is a DNSSEC monitoring system that helps identify operational errors in the DNSSEC deployment and discover unforeseen obstacles. It collects, verifies, and publishes the DNSSEC keys for DNSSEC-enabled zones, which enables operators of both authoritative zones and recursive resolvers to deploy DNSSEC immediately, and benefit from its cryptographic(More)
This paper provides the first systematic study of DNS data taken from one of the 13 servers for the .com/.net registry. DNS' generic Top Level Domains (gTLDs) such .com and .net serve resolvers from throughout the Internet and respond to billions of DNS queries every day. This study uses gTLD data to characterize the DNS resolver population and profile DNS(More)
FBI's <i>Operation Ghost Click</i>, the largest cybercriminal takedown in history, recently took down an ad fraud infrastructure that affected 4 million users and made its owners 14 million USD over a period of four years. The attackers hijacked clicks and ad impressions on victim machines infected by a DNS changer malware to earn ad revenue fraudulently.(More)
Current large-scale authentication and non-repudiation systems offer various security measures, but do not meet the needs of today's Internet-scale applications. Though several designs exist, there have been no significant deployments of Internet-scale security infrastructures. In this paper we propose a novel concept called the public-space that makes(More)