posted on 2017-08-02, 15:11authored byMarwan Mohammed Mahmoud Radwan
The Domain Name System (DNS) has a direct and strong impact on the performance of nearly all aspects of the Internet. DNS relies on a delegation-based architecture, where resolution of names to their IP addresses require resolving the names of the servers responsible for those names.
The recursive graphs of the inter-dependencies that exist between servers associated with each zone are called Dependency Graphs. We constructed a DNS Dependency Model as a unified representation of these Dependency Graphs. We utilized a set of Structural Metrics defined over this model as indicators of external quality attributes of the DNS. We applied machine learning in order to construct Prediction Models of the perceived quality attributes of the DNS out of the structural metrics of the model and evaluate the accuracy of these models.
Operational Bad Smells are configuration and deployment decisions, made by zone administrators, that are not totally errant or technically incorrect and do not currently prevent the system from doing its designated functionality. Instead, they indicate weaknesses that may impose additional overhead on DNS queries, or increase system vulnerability to threats, or increase the risk of failures in the future.
We proposed the ISDR (Identification, Specification, Detection and Refactoring) Method that enables DNS administrators to identify bad smells on a high-level abstraction using a consistent taxonomy and reusable vocabulary. We developed techniques for systematic detection and recommendations of reaction mechanisms in the form of graph-based refactoring rules.
The ISDR Method along with the DNS Quality Prediction Models are used to build the DNS Quality Assurance Framework and the DNS Advisor Tool. Assessing the perceived quality attributes of the DNS at an early stage enables us to avoid the implications of defective and low-quality designs. We identify configuration changes that improve the availability, security, stability and resiliency postures of the DNS.