In the project “Investigating the Impact of DNS Centralization and Regional Discrepancies on the Security, Stability, Performance, and Resilience of DNS-dependent Applications,” the team led by Kevin Borgolte, Professor of Software Security, is investigating how various forms of DNS centralization and regional differences affect applications and services that depend on DNS. The project will be funded for two years, starting in June 2025, by the Internet Corporation for Assigned Names and Numbers (ICANN) through the ICANN Grant Program.

The Domain Name System (DNS) is a central component of the internet infrastructure. Among other things, it enables internet users to access websites without having to know complicated numerical IP addresses. In recent years, our dependence on DNS as a networked society has grown significantly. At the same time, DNS, as a distributed system with its many peculiarities, is highly complex and a frequent source of failures, such as the outages of Amazon’s largest AWS cloud region us-east-1 and the failures of Microsoft’s cloud services in October 2025. Among system administrators today, the first assumption is often that the DNS is the source of the problem (“it’s always DNS”). This complexity is one of the reasons why there has been a trend toward centralization, with a small number of players increasingly operating and thus controlling large parts of the DNS infrastructure. This trend raises concerns about concentration of power, single points of failure, and abuse. In addition, there are significant regional differences within the DNS ecosystem in terms of infrastructure, connectivity, resources, and technical expertise.

In this project, Kevin Borgolte and his team are investigating the impact of DNS centralization on the security, stability, performance, and resilience of DNS-dependent applications. While the focus has so far been primarily on the security and performance of the DNS itself in well-developed and well-connected regions, the team is taking a holistic approach and researching the effects on a global level, with a particular focus on the actual needs in underserved regions and the Global South. This involves quantitatively analyzing performance issues, risks, and challenges that modern DNS implementations and DNS infrastructure pose for users and operators.

The goal of the project is to identify approaches for improving the reliability and performance of the DNS worldwide. Based on empirical data, the project aims to provide a better understanding of the effects of DNS centralization and regional differences on DNS-dependent applications.

The research builds upon the project “Analyzing and Understanding the Increasing (Real) Centralization of the Internet,” funded by the Internet Society Foundation.