Giovane Moura

Based in Arnhem, The Netherlands




Likes on articles

About the author

Giovane is a Data Scientist with SIDN Labs (.nl registry) and Guest Researcher at TU Delft, in the Netherlands. He works on security and Internet measurements research projects. Prior to SIDN, he worked as a Postdoctoral Researcher at Delft University of Technology, in The Netherlands. He obtained his Ph.D. degree with Prof. Aiko Pras at the University of Twente, also in the Netherlands, with focus on both active and passive Internet measurements. His research interests include Internet Measurements, Management, Security and Machine Learning applications. You can reach him at

Fragmentation, Truncation, and Timeouts: Are Large DNS Messages Falling to Bits?

How much of a problem are large DNS responses over UDP in the wild?

32 You have liked this article 0 times.

How Centralised is DNS Traffic Becoming?

There have been growing concerns over the last few years about the excessive concentration of control over the Internet's markets and infrastructure — what is commonly referred to as Internet centralisation. In this article, Giovane Moura talks about how he and his colleagues have been measuring ce…

6 You have liked this article 0 times.

Detecting and Taking Down Fraudulent Webshops at the .nl ccTLD

In this article, we describe how we detected a large number of fraudulent sites using tools developed by SIDN Labs.

2 You have liked this article 0 times.

How to Choose DNS TTL Values

There is no consensus on how to choose DNS time-to-live (TTL) values for domain names. Yet, TTLs are incredibly important, given that they indirectly control how long resolvers cache records, directly influencing user experience.

3 You have liked this article 0 times.

Dissecting DNS Defenses During DDoS Attacks

New technical report evaluates DNS defenses in the wild against DDoS attacks and shows some interesting results.

0 You have liked this article 0 times.

DNS TTL Violations in the Wild - Measured with RIPE Atlas

DNS TTL violations is a controversial topic. It basically means a resolver overrides a TTL value provided by an authoritative server, and then serving its clients with this value. In this post, we analyse if this is happening in the wild.

0 You have liked this article 0 times.

Turning on Anycast on B-Root

The B-root operators have announced that they would enable IP anycast on 1 May 2017 [1]. In this article, we show how that change has been perceived by the RIPE Atlas probes, and if there were any transient effects of this change.

0 You have liked this article 0 times.

Anycast vs. DDoS - Evaluating the November 2015 Root DNS Event

IP anycast has been widely used to replicate services in multiple locations as a way to deliver better performance and resilience. It has been largely employed by CDNs and DNS operators, such as on the root server system. However, there is little evaluation of anycast under stress.

0 You have liked this article 0 times.

Showing 8 article(s)