Domain name lookups can reveal webpages visited by Internet users

In a paper published earlier this month, German researcher Dominik Herrmann shows that domain name lookups can reveal not only the websites visited by Internet users, but also the individual pages that they access. According to Herrmann, Domain Name System (DNS) recursive nameservers have monitoring capabilities that can allow operators to track the activities of users over an extended period of time. As explained by The Register, the paper describes a behaviour-based tracking method, through which individuals with access to the infrastructure can watch a user’s behaviour while the user has one Internet Protocol (IP) address, create a classifier for that user, and look for behaviour that matches the classifier when the IP address changes. Herrmann argues that one way to mitigate this privacy risk is for Internet Service Providers (ISPs) to refresh users’ IP addresses more frequently.