Researcher profile

Roland van Rijswijk-Deij

Roland van Rijswijk-Deij contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate

Networking and Internet Architecture Cryptography and Security

Trust snapshot

Quick read

Trust 15 - Baseline

3works

0followers

2topics

4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

preprint2022arXiv

No Time for Downtime: Understanding Post-Attack Behaviors by Customers of Managed DNS Providers

We leverage large-scale DNS measurement data on authoritative name servers to study the reactions of domain owners affected by the 2016 DDoS attack on Dyn. We use industry sources of information about domain names to study the influence of factors such as industry sector and website popularity on the willingness of domain managers to invest in high availability of online services. Specifically, we correlate business characteristics of domain owners with their resilience strategies in the wake of DoS attacks affecting their domains. Our analysis revealed correlations between two properties of domains -- industry sector and popularity -- and post-attack strategies. Specifically, owners of more popular domains were more likely to re-act to increase the diversity of their authoritative DNS service for their domains. Similarly, domains in certain industry sectors were more likely to seek out such diversity in their DNS service. For example, domains categorized as General News were nearly 6 times more likely to re-act than domains categorized as Internet Services. Our results can inform managed DNS and other network service providers regarding the potential impact of downtime on their customer portfolio.

preprint2022arXiv

Rpkiller: Threat Analysis from an RPKI Relying Party Perspective

The Resource Public Key Infrastructure (RPKI) aims to secure internet routing by creating an infrastructure where resource holders can make attestations about their resources. RPKI Certificate Authorities issue these attestations and publish them at Publication Points. Relying Party software retrieves and processes the RPKI-related data from all publication points, validates the data and makes it available to routers so they can make secure routing decisions. In this work, we create a threat model for Relying Party software, where an attacker controls a Certificate Authority and Publication Point. We implement a prototype testbed to analyse how current Relying Party software implementations react to scenarios originating from that threat model. Our results show that all current Relying Party software was susceptible to at least one of the identified threats. In addition to this, we also identified threats stemming from choices made in the protocol itself. Taken together, these threats potentially allow an attacker to fully disrupt all RPKI Relying Party software on a global scale. We performed a Coordinated Vulnerability Disclosure to the implementers and have made our testbed software available for future studies.

preprint2020arXiv

Tangled: A Cooperative Anycast Testbed

Anycast routing is an area of studies that has been attracting interest of several researchers in recent years. Most anycast studies conducted in the past relied on coarse measurement data, mainly due to the lack of infrastructure where it is possible to test and collect data at same time. In this paper we present Tangled, an anycast test environment where researchers can run experiments and better understand the impacts of their proposals on a global infrastructure connected to the Internet.