Publications

Filter by type:

. The Forgotten Side of DNS: Orphan and Abandoned Records. Accepted for the 2020 Workshop on Traffic Measurements for Cybersecurity (WTMC ‘20), Genova, Italy, 7 September, 2020.

Conference

. TXTing 101: Finding Security Issues in the Long Tail of DNS TXT Records. Accepted for the 2020 Workshop on Traffic Measurements for Cybersecurity (WTMC ‘20), Genova, Italy, 7 September, 2020.

Conference

. A Longitudinal and Comprehensive Study of the DANE Ecosystem in Email. Accepted for The 29th USENIX Security Symposium (USENIX Security ‘20), Boston, MA, USA, 12-14 August, 2020.

Preprint Project Conference

. Global-Scale Anycast Network Management with Verfploeter. In Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS 2020), Budapest, Hungary, 20-24 April, 2020.

Preprint Conference

. Passive Observations of a Large DNS Service: 2.5 Years in the Life of Google (extended version). In IEEE Transactions on Network and Service Management, Volume 17, Issue 1, March, 2020.

PDF

. When Parents and Children Disagree: Diving into DNS Delegation Inconsistency. Accepted for Passive and Active Measurements Conference (PAM 2020), Eugene, Oregon, US, March 30-31, 2020, 2020.

PDF Conference

. RPKI is Coming of Age: A Longitudinal Study of RPKI Deployment and Invalid Route Origins. In proceedings of the ACM Internet Measurement Conference 2019 (IMC 2019), Amsterdam, The Netherlands, 21-23 October, 2019.

PDF Slides Video

. Roll, Roll, Roll your Root: A Comprehensive Analysis of the First Ever DNSSEC Root KSK Rollover. In proceedings of the ACM Internet Measurement Conference 2019 (IMC 2019), Amsterdam, The Netherlands, 21-23 October, 2019.

PDF Slides Video Best Paper Award

. Rolling with Confidence: Managing the Complexity of DNSSEC Operations. In IEEE Transactions on Network and Service Management Volume and Issue TBA, 2019.

PDF

. Privacy-Conscious Threat Intelligence Using DNSBloom. In Proceedings of the 16th IFIP/IEEE International Symposium on Integrated Network Management (IM 2019), 8-12 April 2019, Washington DC, US, 2019.

PDF

. A First Look at QNAME Minimization in the Domain Name System. In Proceedings of Passive and Active Measurements 2019, Puerto Varas, Chile, March 27-29, 2019, 2019.

Preprint PDF Best Dataset Award

. Measuring the Impact of a Successful DDoS Attack on the Customer Behaviour of Managed DNS Service Providers. In Proceedings of the 2018 Workshop on Traffic Measurements for Cybersecurity (WTMC ‘18), Budapest, Hungary, 20 August, 2018.

PDF Extended Version in ACM SIGCOMM CCR

. Passive Observations of a Large DNS Service: 2.5 Years in the Life of Google. Accepted for Network Traffic Measurement and Analysis Conference (TMA 2018), Vienna, Austria, 26-29 June, 2018.

PDF Best Open Dataset Award

. A First Look at Certification Authority Authorization (CAA). In ACM SIGCOMM Computer Communication Review (CCR), Volume 48, Issue 2, April, 2018.

PDF

. Melting the Snow: Using Active DNS Measurements to Detect Snowshoe Spam Domains. In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 2018), Taipei, Taiwan, 23-27 April, 2018.

Preprint Project Best Paper Award

. Economic Incentives on DNSSEC Deployment: Time to Move from Quantity to Quality. In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 2018), Taipei, Taiwan, 23-27 April, 2018.

Preprint Conference

. Understanding the Role of Registrars in DNSSEC Deployment. In ACM Internet Measurement Conference 2017 (IMC 2017), London, United Kingdom, 1-3 November, 2017.

PDF Project ANRP 2019

. Ethics and Internet Measurements. In Journal of Cyber Security and Mobility, Volume 5, Issue 4, October, 2017.

PDF

. The Root Canary: Monitoring and Measuring the DNSSEC Root Key Rollover. In Proceedings of ACM SIGCOMM 2017 Posters and Demos, Los Angeles, CA, USA, 22-24 August, 2017.

Preprint PDF Project Poster

. TIDE - Threat Identification using Active DNS Measurements. In Proceedings of ACM SIGCOMM 2017 Posters and Demos, Los Angeles, CA, USA, 22-24 August, 2017.

Preprint PDF Project Poster

. A Longitudinal, End-to-End View of the DNSSEC Ecosystem. In Proceedings of the 26th USENIX Security Symposium (USENIX Security ‘17), Vancouver, BC, Canada, 16-18 August, 2017.

PDF Project Distinguished Paper Award

. The Performance Impact of Elliptic Curve Cryptography on DNSSEC Validation. In IEEE/ACM Transactions on Networking, Volume 25, Issue 2, April, 2017.

Preprint PDF ANRP 2017

. On the Potential of IPv6 Open Resolvers for DDoS Attacks. In Proceedings of Passive and Active Measurements 2017, Sydney, Australia, 30-31 March, 2017.

PDF

. Measuring the Adoption of DDoS Protection Services. In Proceedings of the ACM Internet Measurement Conference 2016 (IMC 2016), Santa Monica, CA, USA, 14-16 November, 2016.

PDF

. On the Adoption of the Elliptic Curve Digital Signature Algorithm (ECDSA) in DNSSEC. In Proceedings of the 12th International Conference on Network and Service Management (CNSM 2016), Montréal, QB, Canada, October 31-November 4, 2016.

Preprint PDF Poster

. A High-Performance, Scalable Infrastructure for Active DNS Measurements. In IEEE Journal on Selected Areas in Communications (JSAC), Volume 34, Issue 7, May, 2016.

Preprint PDF Research Data NL Prize

. Measuring Software Efficiency - Presenting a Methodology and Case Study on DNS Resolvers. In Proceedings of the 18th Mediterranean Electrotechnical Conference (MELECON 2016), Limassol, Cyprus, 18-20 April, 2016.

PDF

. Making the Case for Elliptic Curves in DNSSEC. In ACM SIGCOMM Computer Communication Review (CCR), Volume 45, Issue 5, October, 2015.

PDF

. The Internet of Names: A DNS Big Dataset. In Proceedings of ACM SIGCOMM 2015, London, UK, 17-21 August, 2015.

PDF Project Poster

. Ethics in Data Sharing: A Best Practice for NRENs. In TERENA Networking Conference (TNC 2015), Porto, Portugal, 15-18 June, 2015.

PDF Slides Video

. Booters - An Analysis of DDoS-as-a-Service Attacks. In Proceedings of IEEE/IFIP IM 2015, Ottawa, ON, Canada, 11-15 May, 2015.

PDF

. DNSSEC and Its Potential for DDoS Attacks. In Proceedings of the ACM Internet Measurement Conference 2014 (IMC 2014), Vancouver, BC, Canada, 5-7 November, 2014.

PDF Community Contribution Award ANRP 2015

. Ethics in Data Sharing: a Model for Best Practice. In Proceedings of the ACM Internet Measurement Conference 2014 (IMC 2014), Vancouver, BC, Canada, 5-7 November, 2014.

Poster

. Large-Scale DNS and DNSSEC Data Sets for Network Security Research. CTIT Technical Report Series (TR-CTIT-14-13), 2014.

PDF

. Ethics in Data Sharing: Developing a Model for Best Practice. In Proceedings of 2nd Cybersecurity Research Ethics Dialogs & Strategy (CREDS-II), co-located with the 35th IEEE Symposium on Security and Privacy (IEEE S&P 2014), San Jose, CA, USA, 17 May, 2014.

PDF

. DNSSEC Meets Real World: Dealing With Unreachability Caused By Fragmentation. In IEEE Communications Magazine (ComMag), Volume 52, Issue 4, April, 2014.

Preprint PDF

. Packets Don't Know About Ethics. In Dagstuhl Seminar 14052 - Ethics in Data Sharing, Schloss Dagstuhl, Germany, 26-31 January, 2014.

Extended Abstract (PDF)

. Simple Location-Based One-time Passwords. Technical Report, 2013.

PDF

. Using Trusted Execution Environments in Two-factor Authentication: Comparing Approaches. In Proceedings of the Open Identity Summit 2013 (OID-2013), Kloster-Banz, Germany, 9-11 September, 2013.

PDF

. Improving Response Deliverability in DNS(SEC). In TERENA Networking Conference (TNC 2012), Reykjavík, Iceland, 21-24 May, 2012.

Poster

. tiqr: A Novel Take on Two-Factor Authentication. In Proceedings of the 25th international conference on Large Installation System Administration (LISA ‘11), Boston, MA, USA, 4-9 December, 2011.

PDF Slides