I am a researcher in computer science focusing on network measurement. I obtained my Ph.D. from the Electrical Engineering and Computer Science department of Case Western Reserve University in 2016. My advisor is Michael Rabinovich.

email: first dot last at gmail
(key)
phone: +01 646 two four nine 51 eight two

Computer scientist performing Internet measurement research at Cisco ThousandEyes. My areas of interest are distributed systems, networking, and Internet measurement. My current focus is on anycast routing and mitigation of DDoS attacks, specifically against the DNS. Previously, I studied privacy and security issues in the DNS, transport protocols and congestion control in mobile networks, and encryption in the presence of middleboxes. See my cv for details.

Akamai DNS at SIGCOMM 2020

Check out our work sharing many details of the architecture of Akamai's DNS authoritative nameserver infrastructure that appeared in ACM SIGCOMM 2020. Akamai DNS is one of the largest authoritative DNS infrastructures in the world, and supports the Akamai content delivery network (CDN) as well as authoritative DNS hosting and DNS-based load balancing services for many enterprises.

Paper Accepted to IMC 2019

Our work with collaborators at Case Western Reserve University has been accepted to Internet Measurement Conference 2019. In this work, we investigate the current state of EDNS-Client-Subnet (ECS) deployment and the behavior of recursive resolvers implementing the specification. We find many potential pitfalls and corner cases in deploying ECS that in some cases negate the potential benefits. Come listen to the talk or watch for the publication of the paper to learn more!

Presented at DNS-OARC 30

I presented work on DNS recursive resolver delegation selection algorithms at DNS-OARC 30 in Bangkok, Thailand. Check out the talk on YouTube and get the slides here. This talk will also be presented at NDD 2019.

Presenting at PAM 2018

Work done with my 2017 summer intern Rami Al-Dalky was accepted into the Passive and Active Measurement Conference in Berlin, Germany on March 26, 2018. I will be presenting our results on March 27.

Two Papers Accepted to PAM 2016!

Our papers on characterizing and modeling client DNS traffic and the emergence of HTTP/2 in the wild have both been accepted to the Passive and Active Measurement Conference in Crete, Greece on March 31, 2016. Come hear about the work we have been doing!

Enabling Secure In-Network Functionality in TLS

Transport Layer Security (TLS) is the de facto protocol supporting secure HTTP. However, TLS makes the fundamental assumption that all functionality resides solely at the endpoints, and is thus unable to utilize the many in-network services that optimize network resource usage, improve user experience, and protect clients and servers from security threats. See our solution for re-introducing in-network functionality into secure TLS sessions at SIGCOMM 2015. Check out the project website here.

Measuring HTTP/2 Deployment

Check out our work on the current status of HTTP/2 in the wild here. The protocol specification was finalized in May and there are already quite a few Websites that support it. For the latest updates, see the Web dashboard at isthewebhttp2yet.com.

DNS Vulnerability Scanner is Live!

During the course of several research projects, we have explored a variety of vulnerabilities in the DNS. Many of these vulnerabilities can directly impact end users. In an effort to make DNS resolution more transparent to users, I wrote a tool that, when run, scans the resolvers used and determines whether they are vulnerable to a variety of attacks. Curious how your resolver stacks up? Go here to find out!

DNS Resolvers Considered Harmful

Our paper on the dangers of using DNS resolvers is appearing at the HotNets 2014 workshop on the University of Southern California campus on October 28th, 2014. In this work, we suggest another approach to resolution and show some initial results indicating the potential of this approach.

Research Internship with Telefónica I+D

On September 1st, 2014, I will begin a three-month research internship with Telefónica I+D in Barcelona, Spain. Telefónica is one of the largest telecommunications companies in the world, providing both broadband and mobile solutions to customers, and Telefónica I+D is the research and development company of the Telefónica group.

Talk at NANOG 61

At NANOG 61 in Bellevue, WA on June 3rd, 2014, I will be presenting further findings on DNS vulnerabilities in forwarding DNS servers. Our research suggests that these devices are typically home routers and therefore present in nearly all ISP networks. At NANOG, I will be informing the community of the danger these home routers pose and motivating action to mitigate the risk. (slides)

Assessing the DNS Vulnerability to Record Injection

I will be presenting our recent measurement work on DNS record injection attacks at the Passive and Active Measurement Conference on March 10th, 2014. In this work, we show that there are still a significant number of DNS servers that are vulnerable to attacks that have been known for years. Further, we introduce a newly discovered vulnerability in so-called "forwarding" DNS servers, which utilize another server to perform recursive resolution on their behalf.

On Measuring the Client-Side DNS Infrastructure

Next month in Barcelona, Spain, I will present the recent work we have done on measuring the client-side DNS infrastructure at the Internet Measurement Conference. We demonstrate the diverse structures that have arisen to improve the performance of DNS transactions and mitigate load. Further, as a demonstration of our measurement techniques, we show how the infrastructure handles caching of DNS records.