One way ICANN fulfills its mission of ensuring the stable and secure operation of the Internet’s unique identifier systems is by monitoring and collecting Domain Name System (DNS) related data. For this purpose, ICANN has launched a number of data-collecting initiatives, of which the Domain Abuse Activity Reporting (DAAR) project is perhaps the best known; and is proving helpful when pursuing domain name abuse during COVID-19.
A somewhat less known, but equally important, undertaking is the Identifier Technology Health Indicators (ITHI) initiative, focusing on analyzing trends in DNS operation.
The data from ITHI shows how traffic patterns between recursive resolvers and authoritative servers. This is helpful in mapping and understanding how the DNS actually works and to observe trends in the flow of traffic. One interesting finding, which ITHI uncovered, is that only 208 recursive resolvers (out of millions of resolvers worldwide) were needed to see 50% of the DNS traffic of all Internet users (June 2020). More detailed data on ITHI findings, such as the percentage of resolvers that perform Domain Name System Security Extensions (DNSSEC) validation can be found at https://ithi.research.icann.org/.
Where does all this information come from? This data is shared by participating community members, including several ccTLD registries, along with Internet service providers (ISPs). Several universities are also involved (a full list of contributors is available at https://ithi.research.icann.org/).
You, too, can be a part of this effort. ICANN is inviting more participants to join this project, as the more data that can be obtained, the more valuable the analysis becomes.
Participating Is Simple
ICANN is providing registry operators and ISPs with a software that analyzes and collects statistics on DNS traffic, both to and from authoritative servers and recursive resolvers.
This tool is open source, available on Github and has been code reviewed by NLabs. It takes only about ten minutes to install.
As the tool runs, it collects statistics (and only statistics) devoid of any Personally Identifiable Information (PII). ITHI partners send those statistics back to ICANN periodically. Partners can choose to automate this process. Important to note – the tool is only collecting statistics of DNS operations and is NOT gathering any information about zone files or related to zone files!
What’s in It for You?
Well, beyond your contribution to the common good of understanding the Internet, you also will be able to monitor your network, see if there are any trends to be concerned about, and whether something is unusual compared to your peers’ networks. Consider it a kind of early-warning system.
Alain Durand, from ICANN’s Office of the CTO (OCTO), is the coordinator of this project, and will be pleased to answer any questions. For information on the initiative and how to participate, please contact Alain Durand at [email protected] or Gabriella Schittek [email protected]. We will be happy to guide you further!
Source: ICANN