Sana Habib (Arizona State University, Tempe, United States, Washington and Lee University, Lexington, United States)
Unlike traditional IP and IP-based SDN networks, DNS in 5G and emerging 6G networks functions as a control-plane dependency, supporting telephony service discovery, SIP/IMS signaling (e.g., ENUM E.164 number mapping as a DNS application), and cross-slice traffic steering. Despite cloud-native, virtualized, and sliced architectures, DNS continues to rely on largely unchanged protocols and operational practices, leaving legacy vulnerabilities exposed. In this paper, we systematically analyze 84 documented DNS threats through an architecture-aware framework that evaluates their impact across six dimensions: service disruption, privacy leakage, amplification risk, traffic steering, slice impact, and misconfiguration risk. Our analysis highlights mobile-specific factors—including shared core functions, cross-slice resolvers, and DNS-mediated telephony control—that amplify the effects of protocol downgrades, incomplete DNSSEC deployment, and resolver sharing. In combination, these factors allow localized DNS failures to propagate across services, privacy boundaries, traffic steering, and slice isolation. We present a taxonomy that captures how DNS vulnerabilities manifest in next-generation mobile networks and map a subset of representative high-impact threats to architectural enforcement points, providing guidance for measurement, mitigation, and more robust 5G/6G design.