Liang Wang, Hyojoon Kim, Prateek Mittal, Jennifer Rexford (Princeton University)

In conventional DNS, or Do53, requests and responses are sent in cleartext. Thus, DNS recursive resolvers or any on-path adversaries can access privacy-sensitive information. To address this issue, several encryption-based approaches (e.g., DNS-over-HTTPS) and proxy-based approaches (e.g., Oblivious DNS) were proposed. However, encryption-based approaches put too much trust in recursive resolvers. Proxy-based approaches can help hide the client’s identity, but sets a higher deployment barrier while also introducing noticeable performance overhead. We propose PINOT, a packet-header obfuscation system that runs entirely in the data plane of a programmable network switch, which provides a lightweight, low-deployment-barrier anonymization service for clients sending and receiving DNS packets. PINOT does not require any modification to the DNS protocol or additional client software installation or proxy setup. Yet, it can also be combined with existing approaches to provide stronger privacy guarantees. We implement a PINOT prototype on a commodity switch, deploy it in a campus network, and present results on protecting user identity against public DNS services.

View More Papers

(Short) Object Removal Attacks on LiDAR-based 3D Object Detectors

Zhongyuan Hau, Kenneth Co, Soteris Demetriou, and Emil Lupu (Imperial College London) Best Short Paper Award Runner-up!

Read More

Ovid: Message-based Automatic Contact Tracing

Leonie Reichert and Samuel Brack (Humboldt University of Berlin); Björn Scheuermann (Humboldt-University of Berlin)

Read More

“Lose Your Phone, Lose Your Identity”: Exploring Users’ Perceptions...

Michael Lutaaya, Hala Assal, Khadija Baig, Sana Maqsood, Sonia Chiasson (Carleton University)

Read More

FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping

Xiaoyu Cao (Duke University), Minghong Fang (The Ohio State University), Jia Liu (The Ohio State University), Neil Zhenqiang Gong (Duke University)

Read More