{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,14]],"date-time":"2025-10-14T07:08:46Z","timestamp":1760425726427},"publisher-location":"Cham","reference-count":49,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030220372"},{"type":"electronic","value":"9783030220389"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-22038-9_18","type":"book-chapter","created":{"date-parts":[[2019,6,9]],"date-time":"2019-06-09T23:02:31Z","timestamp":1560121351000},"page":"374-395","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Security in Plain TXT"],"prefix":"10.1007","author":[{"given":"Adam","family":"Portier","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Henry","family":"Carter","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Charles","family":"Lever","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,6,6]]},"reference":[{"key":"18_CR1","unstructured":"Agar, R.J.M.: The domain name system (DNS): security challenges and improvements. Royal Holloway, University of London, Technical report (2010)"},{"key":"18_CR2","doi-asserted-by":"crossref","unstructured":"Agten, P., Joosen, W., Piessens, F., Nikiforakis, N.: Seven months\u2019 worth of mistakes: a longitudinal study of typosquatting abuse. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2015)","DOI":"10.14722\/ndss.2015.23058"},{"key":"18_CR3","unstructured":"Akamai: Security bulletin: Crafted DNS text attack (2014). https:\/\/www.akamai.com\/us\/en\/multimedia\/documents\/state-of-the-internet\/dns-txt-amplification-attacks-cybersecurity-threat-advisory.pdf"},{"key":"18_CR4","unstructured":"Allman, E., Callas, J., Delany, M., Libbey, M., Fenton, J., Thomas, M.: Domainkeys identified mail (DKIM) signatures. RFC 4871, RFC Editor (2007). http:\/\/www.rfc-editor.org\/rfc\/rfc4871.txt"},{"key":"18_CR5","unstructured":"Alrwais, S.A., Yuan, K., Alowaisheq, E., Li, Z., Wang, X.: Understanding the dark side of domain parking. In: USENIX Security Symposium (2014)"},{"key":"18_CR6","doi-asserted-by":"crossref","unstructured":"Amann, J., Gasser, O., Brent, L., Carle, G., Holz, R.: Mission accomplished? HTTPS security after DigiNotar. In: Proceedings of the ACM Internet Measurement Conference (IMC) (2017)","DOI":"10.1145\/3131365.3131401"},{"key":"18_CR7","unstructured":"Barnes, R., Hoffman-Andrews, J., McCarney, D., Kasten, J.: Draft: automatic certificate management environment (ACME) (2019). https:\/\/www.ietf.org\/id\/draft-ietf-acme-acme-18.txt"},{"key":"18_CR8","unstructured":"Bellis, R.: DNS transport over TCP - implementation requirements. RFC 5966, RFC Editor (2010). http:\/\/www.rfc-editor.org\/rfc\/rfc5966.txt"},{"key":"18_CR9","doi-asserted-by":"crossref","unstructured":"Borgolte, K., Fiebig, T., Hao, S., Kruegel, C., Vigna, G.: Cloud strife: mitigating the security risks of domain-validated certificates. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2018)","DOI":"10.14722\/ndss.2018.23327"},{"key":"18_CR10","doi-asserted-by":"crossref","unstructured":"Brandt, M., Dai, T., Klein, A., Shulman, H., Waidner, M.: Domain validation++ for MitM-resilient PKI. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2018)","DOI":"10.1145\/3243734.3243790"},{"key":"18_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/978-3-030-00470-5_7","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"J Bushart","year":"2018","unstructured":"Bushart, J., Rossow, C.: DNS unchained: amplified application-layer DoS attacks against DNS authoritatives. In: Bailey, M., Holz, T., Stamatogiannakis, M., Ioannidis, S. (eds.) RAID 2018. LNCS, vol. 11050, pp. 139\u2013160. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-00470-5_7"},{"key":"18_CR12","unstructured":"Chung, T., et al.: A longitudinal, end-to-end view of the DNSSEC ecosystem. In: USENIX Security Symposium (2017)"},{"key":"18_CR13","doi-asserted-by":"crossref","unstructured":"Chung, T., van Rijswijk-Deij, R., Choffnes, D., Levin, D., Maggs, B.M., Mislove, A., Wilson, C.: Understanding the role of registrars in DNSSEC deployment. In: Proceedings of the ACM Internet Measurement Conference (IMC) (2017)","DOI":"10.1145\/3131365.3131373"},{"key":"18_CR14","unstructured":"Cisco: Cisco umbrella populatiry list, 26 September 2017. http:\/\/s3-us-west-1.amazonaws.com\/umbrella-static\/top-1m-TLD-2017-09-26.csv.zip"},{"key":"18_CR15","unstructured":"Dagon, D., Provos, N., Lee, C.P., Lee, W.: Corrupted DNS resolution paths: the rise of a malicious resolution authority. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2008)"},{"key":"18_CR16","doi-asserted-by":"crossref","unstructured":"Dietrich, C., Krombholz, K., Borgolte, K., Fiebig, T.: Investigating system operators\u2019 perspective on security misconfigurations. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2018)","DOI":"10.1145\/3243734.3243794"},{"key":"18_CR17","unstructured":"Dinaburg, A.: Bitsquatting: DNS hijacking without exploitation. In: Proceedings of BlackHat Security (2011)"},{"key":"18_CR18","unstructured":"DMARC.org: Dmarc overview. https:\/\/dmarc.org\/overview\/"},{"key":"18_CR19","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Adrian, D., Mirian, A., Kasten, J.: Neither snow nor rain nor MITM... an empirical analysis of mail delivery security. In: Proceedings of the ACM Internet Measurement Conference (IMC) (2015)","DOI":"10.1145\/2815675.2815695"},{"key":"18_CR20","doi-asserted-by":"crossref","unstructured":"Foster, I.D., Larson, J., Masich, M., Snoeren, A.C., Savage, S., Levchenko, K.: Security by any other name: on the effectiveness of provider based email security. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2015)","DOI":"10.1145\/2810103.2813607"},{"issue":"2","key":"18_CR21","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1108\/10662240710737022","volume":"17","author":"S G\u00f6rling","year":"2007","unstructured":"G\u00f6rling, S.: An overview of the sender policy framework (SPF) as an anti-phishing mechanism. Internet Res. 17(2), 169\u2013179 (2007)","journal-title":"Internet Res."},{"key":"18_CR22","doi-asserted-by":"crossref","unstructured":"Herzberg, A., Shulman, H.: DNSSEC: security and availability challenges. In: IEEE Conference on Communications and Network Security (CNS), pp. 365\u2013366. IEEE (2013)","DOI":"10.1109\/CNS.2013.6682730"},{"key":"18_CR23","unstructured":"Hu, H., Wang, G.: End-to-end measurements of email spoofing attacks. In: USENIX Security Symposium (2018)"},{"key":"18_CR24","unstructured":"Kaminsky, D.: Black ops 2008: it\u2019s the end of the cache as we know it. Black Hat USA (2008)"},{"key":"18_CR25","doi-asserted-by":"crossref","unstructured":"Kintis, P., et al.: Hiding in plain sight: a longitudinal study of combosquatting abuse. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2017)","DOI":"10.1145\/3133956.3134002"},{"key":"18_CR26","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-319-45719-2_9","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"Athanasios Kountouras","year":"2016","unstructured":"Kountouras, A., et al.: Enabling network security through active DNS datasets. In: Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses (RAID) (2016)"},{"key":"18_CR27","doi-asserted-by":"crossref","unstructured":"Le, T., Van Rijswijk-Deij, R., Allodi, L., Zannone, N.: Economic incentives on DNSSEC deployment: time to move from quantity to quality. In: IEEE\/IFIP Network Operations and Management Symposium (NOMS) (2018)","DOI":"10.1109\/NOMS.2018.8406223"},{"key":"18_CR28","doi-asserted-by":"crossref","unstructured":"Lever, C., Walls, R., Nadji, Y., Dagon, D., McDaniel, P., Antonakakis, M.: Domain-z: 28 registrations later measuring the exploitation of residual trust in domains. In: IEEE Symposium on Security and Privacy (SP) (2016)","DOI":"10.1109\/SP.2016.47"},{"key":"18_CR29","unstructured":"Lyon, J., Wong, M.: Sender id: authenticating e-mail. internet engineering task force (IETF). RFC 4406, RFC Editor (2006). http:\/\/www.rfc-editor.org\/rfc\/rfc4406.txt"},{"key":"18_CR30","unstructured":"M. Kucherawy, E., E. Zwicky, E.: Domain-based message authentication, reporting, and conformance (DMARC). RFC 7489, RFC Editor (2015). http:\/\/www.rfc-editor.org\/rfc\/rfc7489.txt"},{"key":"18_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/978-3-319-15509-8_2","volume-title":"Passive and Active Measurement","author":"DC MacFarland","year":"2015","unstructured":"MacFarland, D.C., Shue, C.A., Kalafut, A.J.: Characterizing optimal DNS amplification attacks and effective mitigation. In: Mirkovic, J., Liu, Y. (eds.) PAM 2015. LNCS, vol. 8995, pp. 15\u201327. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-15509-8_2"},{"key":"18_CR32","unstructured":"Mockapetris, P.: Domain names - implementation and specification. RFC 1035, RFC Editor (1987). http:\/\/www.rfc-editor.org\/rfc\/rfc1035.txt"},{"key":"18_CR33","unstructured":"Neij, F., Norberg, A., Brown, C.: Bep 34: DNS tracker preferences. http:\/\/www.bittorrent.org\/beps\/bep_0034.html"},{"key":"18_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1007\/978-3-319-13257-0_17","volume-title":"Information Security","author":"N Nikiforakis","year":"2014","unstructured":"Nikiforakis, N., Balduzzi, M., Desmet, L., Piessens, F., Joosen, W.: Soundsquatting: uncovering the use of homophones in domain squatting. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds.) ISC 2014. LNCS, vol. 8783, pp. 291\u2013308. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-13257-0_17"},{"key":"18_CR35","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Van Acker, S., Meert, W., Desmet, L., Piessens, F., Joosen, W.: Bitsquatting: exploiting bit-flips for fun, or profit? In: Proceedings of the International Conference on World Wide Web (WWW) (2013)","DOI":"10.1145\/2488388.2488474"},{"key":"18_CR36","doi-asserted-by":"crossref","unstructured":"Osterweil, E., Ryan, M., Massey, D., Zhang, L.: Quantifying the operational status of the DNSSEC deployment. In: Proceedings of the ACM Internet Measurement Conference (IMC) (2008)","DOI":"10.1145\/1452520.1452548"},{"key":"18_CR37","unstructured":"Pearce, P., et al.: Global measurement of DNS manipulation. In: USENIX Security Symposium (2017)"},{"key":"18_CR38","doi-asserted-by":"crossref","unstructured":"van Rijswijk-Deij, R., Sperotto, A., Pras, A.: DNSSEC and its potential for DDoS attacks. In: Proceedings of the ACM Internet Measurement Conference (IMC) (2014)","DOI":"10.1145\/2663716.2663731"},{"key":"18_CR39","doi-asserted-by":"crossref","unstructured":"Scheitle, Q., et al.: A long way to the top: significance, structure, and stability of internet top lists. In: Proceedings of the ACM Internet Measurement Conference (IMC) (2018)","DOI":"10.1145\/3278532.3278574"},{"issue":"2","key":"18_CR40","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/3213232.3213235","volume":"48","author":"Q Scheitle","year":"2018","unstructured":"Scheitle, Q., et al.: A first look at certification authority authorization (CAA). ACM SIGCOMM Comput. Commun. Rev. 48(2), 10\u201323 (2018)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"18_CR41","unstructured":"Schlitt, W., Wong, M.W.: Sender policy framework (SPF) for authorizing use of domains in e-mail, version 1. RFC 4408, RFC Editor (2006). http:\/\/www.rfc-editor.org\/rfc\/rfc4408.txt"},{"key":"18_CR42","unstructured":"Statuspage: DNS configuration requirements. https:\/\/help.statuspage.io\/knowledge_base\/topics\/domain-ownership"},{"key":"18_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"424","DOI":"10.1007\/978-3-319-70972-7_24","volume-title":"Financial Cryptography and Data Security","author":"P Szalachowski","year":"2017","unstructured":"Szalachowski, P., Perrig, A.: Short paper: on deployment of DNS-based security enhancements. In: Kiayias, A. (ed.) FC 2017. LNCS, vol. 10322, pp. 424\u2013433. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70972-7_24"},{"key":"18_CR44","unstructured":"Telnames Limited:tel (2019). https:\/\/www.do.tel\/"},{"key":"18_CR45","doi-asserted-by":"crossref","unstructured":"Wander, M.: Measurement survey of server-side DNSSEC adoption. In: Proceedings of the Network Traffic Measurement and Analysis Conference (TMA) (2017)","DOI":"10.23919\/TMA.2017.8002913"},{"key":"18_CR46","first-page":"31","volume":"6","author":"YM Wang","year":"2006","unstructured":"Wang, Y.M., Beck, D., Wang, J., Verbowski, C., Daniels, B.: Strider typo-patrol: discovery and analysis of systematic typo-squatting. SRUTI 6, 31\u201336 (2006)","journal-title":"SRUTI"},{"key":"18_CR47","unstructured":"Weaver, N., Kreibich, C., Paxson, V.: Redirecting DNS for ads and profit. In: USENIX Workshop on Free and Open Communications on the Internet (FOCI) (2011)"},{"key":"18_CR48","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-540-73614-1_8","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Bojan Zdrnja","year":"2007","unstructured":"Zdrnja, B., Brownlee, N., Wessels, D.: Passive monitoring of DNS anomalies. In: H\u00e4mmerli, B.M., Sommer, R. (eds.) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2007. Lecture Notes in Computer Science, vol. 4579, pp. 129\u2013139. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-73614-1_8"},{"key":"18_CR49","unstructured":"Zmijewski, E.: Accidentally importing censorship, March 2010. https:\/\/dyn.com\/blog\/fouling-the-global-nest\/"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-22038-9_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,28]],"date-time":"2019-11-28T06:59:09Z","timestamp":1574924349000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-22038-9_18"}},"subtitle":["Observing the Use of DNS TXT Records in the Wild"],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030220372","9783030220389"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-22038-9_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"6 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Gothenburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dimva2019.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"dimca2019.hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}