Identity theft — it’s not just for individuals anymore.
Credit: Photo by Tonia Moxley for Virginia Tech.
Identity theft — it’s not just for individuals anymore.
Companies. Colleges. Organizations. In fact, anyone with a web address can be at risk from bad actors seeking to divert their users for fraudulent purposes or censorship.
To protect the owners and users of websites, College of Engineering researcher Taejoong “Tijay” Chung is working to better secure today’s domain name system and Internet Protocol (IP) addresses. The project is being done through a recently-announced National Science Foundation Faculty Early Career Development (CAREER) award.
Project at a glance
Title: Securing and Evolving Internet Security Protocols for Naming and Routing
Purpose: Measuring and improving security for Internet domain names and IP addresses
Principal investigator: Chung, assistant professor in the Department of Computer Science
Collaborators: Comcast, Cloudflare, the Regional Internet Registry for Europe, the Internet Society, and the Domain Name System Operations Analysis and Research Center
Funding: $691,258
Timeframe: 2024-29
All websites depend on what’s known as the Domain Name System, which functions like the phone book of the internet, Chung said. Individuals, organizations, and companies register unique domain names, such as google.com and vt.edu. Then users type those “addresses” into a browser and navigate to the correct site.
To get to those sites, though, every human-readable domain name must be translated into a unique numerical identifier, or IP address. Every device connected to the internet has a unique IP address that is broadcast to the larger network of routers that funnel users to the correct content.
But things can go wrong at several points in the process.
If a domain name is not protected by a robust security protocol, it can be co-opted by bad actors, Chung said. And surprisingly, even though strong protocols exist, some website owners can’t afford or don’t have the technical abilities to implement them.
Similarly, attackers can hijack a valuable website by passing off a fake IP address as the correct place for routers to send its internet traffic. Chung pointed to a infamous case from Pakistan wherein the government was able to divert YouTube users to its own IP addresses — effectively blocking its citizens from accessing YouTube content.
“Because of gaps in security for IP addresses, this kind of attack is still happening,” Chung said.
Using publicly accessible data, Chung’s team will work in three areas:
- Developing a technique for finding and evaluating security vulnerabilities
- Analyzing the causes of configuration errors in the IP system and using machine learning-based tools to automatically correct them
- Applying what the team learns from this work to other network protocols to better protect critical infrastructure and communication channels
Widening the net
“The internet is too broad, so just one researcher can’t do a meaningful study,” Chung said. “To get useful results, I am working with three Ph.D. students and several collaborators, including industry partners.”
Chung works not only with companies like Comcast and Cloudflare, but also with global nonprofits dedicated to a trustworthy internet, such as Regional Internet Registry for Europe, Internet Society, and Domain Name System Operations Analysis and Research Center.
His overall mission, Chung said, is to educate industry leaders, researchers, and the general public about these systems and how to protect themselves from bad actors. To that end, all the data, source code, and analysis from this project will be made available to the public.
