Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

White Paper

The Impact of Passive DNS Collection on End-User Privacy

  • Abstract

    This paper was presented at Securing and Trusting Internet Names 2012 (Teddington, UK). There are two distinct problems in determining the impact of passive DNS (pDNS) on end-user privacy. One is whether or not pDNS would allow the observer to reconstruct an individual end-user’s DNS behavior. The other is if DNS behavior constitutes personally identifiable information (PII) or is otherwise legally protected. This paper develops a framework to discuss both aspects of the privacy issue. From the technical point of view, DNS sensor architecture is analyzed and a statistical model is developed to describe the sensor’s ability to violate end-user privacy. To the other end, a review of various jurisdictions’ privacy legislation is presented and analyzed in the context of DNS as a system and pDNS as a collection mechanism. In general, we find that pDNS, properly configured, does not violate end-user privacy.
  • Download