USENIX’23 Artifact Appendix: NRDelegationAttack: Complexity DDoSattack on DNS Recursive Resolvers

Yehuda Afek, Anat Bremler-Barr, Shani Stajnrod
Usenix Security ,
Poster and brief announcement
DDoS attack, DNS security


To fully understand the root cause of the NRDelegationAttack and to analyze its amplification factor, we developed mini- lab setup, disconnected from the Internet, that contains all
the components of the DNS system, a client, a resolver, and authoritative name servers. This setup is built to analyze and examine the behavior of a resolver (or any other component) under the microscope. On the other hand it is not useful for performance analysis (stress analysis).
Here we provide the code and details of this setup enabling to reproduce our analysis. Moreover, researchers may find it useful for farther behavioral analysis and examination of different components in the DNS system.

Supplemental Material

May 8, 2023