Off-Label Use of DNS: Analyzing Unconventional Protocol Usage for Network Security

Explore a 44-minute NANOG conference talk that delves into unconventional yet legitimate uses of the DNS protocol beyond its primary resolution service. Learn how various service providers and vendors leverage DNS in innovative ways, taking advantage of its speed and low bandwidth overhead. Discover how analyzing DNS logs can reveal crucial information about clients and software, providing network security defenders and analysts with valuable insights for malware detection. Speaker Fatema Bannat Wala examines these "off-label" DNS use cases, demonstrating how understanding these practices can enhance network security monitoring and threat detection capabilities through DNS log analysis.