LANDER:T-DNS-experiments-20140324 From Predict README version: 4008, last modified: 2014-06-2. This file describes the trace dataset "T-DNS-experiments-20140324" provided by the LANDER project. Contents • 1 LANDER Metadata • 2 Dataset Contents • 3 Dataset explanation • 3.1 Query latency evaluation data • 3.2 RTT estimation data • 3.3 DNS response size data • 3.4 Computational cost • 4 Citation • 5 Results Using This Dataset • 6 User Annotations LANDER Metadata ┌───────────────────────────┬────────────────────────────────────────────────────────────────────────────────────┐ │ dataSetName │ T-DNS-experiments-20140324 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ status │ usc-web-and-predict │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ shortDesc │ t-DNS: Connection-Oriented DNS exp. data │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ longDesc │ Experiments measuring performance of using DNS over TCP and TLS │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ datasetClass │ Quasi-Restricted │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ commercialAllowed │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ requestReviewRequired │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ productReviewRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ ongoingMeasurement │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ submissionMethod │ Upload │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartDate │ 2013-11-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndDate │ 2014-01-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartDate │ 2015-06-10 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartTime │ 19:28:48 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndDate │ 2030-01-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ anonymization │ none │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ archivingAllowed │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ keywords │ category:synthetically-generated-data, subcategory:experimental-data, │ │ │ domain-names, TCP. │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ format │ text │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ access │ https │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ hostName │ USC-LANDER │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ providerName │ USC │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingId │ │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingSummaryFlag │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ retrievalInstructions │ download │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ byteSize │ 19922944 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ expirationDays │ 14 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ uncompressedSize │ 10865261 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ impactDoi │ 10.23721/109/1354018 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ useAgreement │ dua-ni-160816 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ irbRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ privateAccessInstructions │ See http://www.isi.edu/ant/traces/index.html#getting_datasets for information on │ │ │ obtaining this dataset. │ │ │ See │ └───────────────────────────┴────────────────────────────────────────────────────────────────────────────────────┘ Dataset Contents This dataset contains the tDNS performance measurement data for the paper "T-DNS: Connection-Oriented DNS to Improve Privacy and Security" (Methodologies are explained in detail in the "Dataset explanation" section) This dataset contains several sub-directories which correspond to different datasets used in the paper: tDNS.README.txt      copy of this README stub_rec_latency query latency between stub and recursive resolver rec_auth_latency query latency between recursive resolver and authoritative name server stub_rec_rtt RTT estimation between stub to recursive resolver rec_auth_rtt RTT estimation between recursive to authoritative name server computation_cost computational cost for different component of tDNS response_size DNS response size. domain_names 140 unique domain names chosen randomly from alexa top 1000. These datasets are all from controlled experiments. Although some include trace replay, they contain no directly-initiated user requests and so their contents have no privacy concerns. Dataset explanation Query latency evaluation data The directory "stub_rec_latency" contains the data for query latency from stub to recursive resolver. Similarly "rec_auth_latency" contains the data for query latency from recursive to authoritative resolver. They use the same data format, so we only take "stub_rec_latency" as an example here to explain the data. "stub_rec_latency" has multiple sub-directories, for example: drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tcp_noreuse_stopandwait_inorder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tcp_reuse_pipeline_inorder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tcp_reuse_pipeline_outoforder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tcp_reuse_stopandwait_inorder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tls_noreuse_stopandwait_inorder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tls_reuse_pipeline_outoforder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 tls_reuse_stopandwait_inorder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 udp_noreuse_stopandwait_inorder drwxr-xr-x 2 zihu div7 4096 Mar 19 23:58 udp_reuse_pipeline_outoforder Each sub-directory in "stub_rec_latency" represents the query latency data of one protocol. For each protocol, we query 140 unique domains (domain_names/140_dns_names_r_alxatop1000.dat). We repeat the experiment 10 times, so each file under each sub-directory represents one run of data of using that protocol. For example, the file: tls_reuse_pipeline_outoforder/pssl.1.dat represents one run of the query latency data of using pssl, data is sorted by query index: #fsdb index t_complete t_avg t_individual t_sum t_mean id st_offset rt_offset 1 0.984401 0.984401 0.984400 0.984400 0.984400 19383 0.000001 0.984401 2 0.984401 0.492200 0.921838 1.906238 0.953119 19384 0.000073 0.921911 3 0.984401 0.328134 0.314210 2.220449 0.740150 19385 0.000082 0.314293 the following is the explanation of each field in this file: index: query index, 1 means the first query, 2 means the second query, .... t_complete: the time needed for all queries to receive responses (time_of_receiving_last_response - time_of_sending_first_query). t_avg = t_complete/index t_individual: the latency for each query. (time_of_receiving_the_response - time_of_sending_the_query => response_receive_ts - query_send_ts) t_sum: sum(t_individual) t_mean: t_sum/index id: id of each query, (I manually set the id for each query, it is incremental). the last two columns (st_offset, rt_offset) show the relative sending and receiving time respectively (relative to the start of my program). RTT estimation data  1. stub to recursive The directory "stub_rec_rtt" contains the data for RTT estimation from stub to recursive resolver. We measure the latency between stub and recursive resolvers across 400 PlanetLab nodes (pl_nodes.list) to their local (ISP-provided) resolver, and also to three third-party DNS (Google, OpenDNS, and Level 3). For each case, we issue the same query to www.isi.edu 7 times with dig, each after the previous reply. Each of the sub-directory corresponds to one DNS resolver: local_isp: ISP-provided resolver 8.8.8.8: Google 208.67.222.222: OpenDNS 4.2.2.2: Level 3 Take the directory "8.8.8.8" as an example. This directory contains 400 sub-directories, each corresponds to one PL node. The data in each of the sub-directories is the dig log which includes the query time, for example: ; <<>> DiG 9.5.0-P2 <<>> @208.67.222.222 www.isi.edu ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24095 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.isi.edu. IN A ;; ANSWER SECTION: www.isi.edu. 7176 IN A 128.9.176.20 ;; Query time: 2 msec ;; SERVER: 208.67.222.222#53(208.67.222.222) ;; WHEN: Wed Jan 29 00:22:28 2014 ;; MSG SIZE rcvd: 45  1. recursive to authoritative The directory "rec_auth_rtt" contains the data for RTT estimation from recursive to authoritative resolver. We query each of the alexa top 1000 (top1000_website.list) from four locations: our institution in Los Angeles (isi.edu) planetLab site in China (www.pku.edu.cn) planetlab site in UK (www.cam.ac.uk) planetlab site in Australia (www.monash.edu.au). For each site we query each domain name 10 times. We use "dig +trace" to resolve each domain component from the root to the edge and record the query time of the last component. The following shows sample data in file "au_rtt_recursive_authoritative_raw.dat" from Australi, which includes two columns: domain, rtt. #fsdb domain rtt google.com 156 google.com 148 google.com 145 google.com 155 DNS response size data the directory "response_size" contains the size of responses data from two root servers: A root: a_root_response_size.dat, from [1] J root: j_root_response_size.dat, from [2] Sample data: #fsdb size_range query_count 16-31: 3534863 32-47: 2290674 48-63: 3427167 64-79: 3772494 First column shows the size range, the second column shows the number of responses with size in that range. The file "response_size_by_step.dat" records the size of responses of Alexa top-1000 websites. We use "dig +trace" to resolve each domain component from the root to the edge and record the response size of each component. Sample data: #fsdb domain response_size google.com 857 google.com 738 google.com 664 google.com 112 For each domain, the query usually has several components. e.g. first query root, then .com ... the first column in the data is the domain, the second column records the size of response from each component. Computational cost The directory "computation_cost" contains computational cost evaluation data of TLS: ssl_handshake_wo_validate.fsdb: TLS handshake cost (OpenSSL), without CA validation ssl_handshake_w_validate.fsdb: TLS handshake cost (OpenSSL), with CA validation tcp_handlepkts.fsdb: TCP sending packet cost tcp_handshake.fsdb: TCP handshake cost tls_handshake.fsdb: TLS handshake cost (Gnutls, anonymous) tls_handshake_resumption.fsdb: TLS handshake cost (Gnutls, with resumption) Method to test computation cost (we repeat each of the following 10 times) For TCP handshake, we measure 10k TCP handshakes, each by setting up and closing a connection. For TCP packet handling, We estimate TCP packet processing by sending 10k full-size packets over an existing connection. For TLS handshake, we measure TLS connection establishment from 1000 connections, and isolate key exchange from certificate validation by repeating the experiment with CA validation disabled. For TLS resumption: we measure GnuTLS connection resumption with 1000 trials. Sample data (ssl_handshake_wo_validate.fsdb): #fsdb rounds total_time mean_time 1000 12.980946 0.012981 1000 13.276273 0.013276 1000 12.998858 0.012999 1000 12.971522 0.012972 The first column records the number of handshakes; second column records the total time to do 1000 handshakes, and third column records the mean time for each handshake. Citation If you use this trace to conduct additional research, please cite it as: Liang Zhu, Zi Hu, John Heidemann, Allison Mankin, Duane Wessels. "T-DNS: Connection-Oriented DNS to Improve Privacy and Security" Technical Report ISI-TR-2014-688, USC/Information Sciences Institute, Feburary, 2014. Results Using This Dataset This dataset has been used in the following published work: • Liang Zhu, Zi Hu, John Heidemann, Allison Mankin, Duane Wessels. "T-DNS: Connection-Oriented DNS to Improve Privacy and Security" Technical Report ISI TR-2014-688, USC/Information Sciences Institute, Feburary, 2014. User Annotations Currently no annotations. Categories: • LANDER • LANDER:Datasets • Datasets