2014
DOI: 10.1007/978-3-319-04918-2_21
|View full text |Cite
|
Sign up to set email alerts
|

Assessing DNS Vulnerability to Record Injection

Abstract: Abstract. The Domain Name System (DNS) is a critical component of the Internet infrastructure as it maps human-readable names to IP addresses. Injecting fraudulent mappings allows an attacker to divert users from intended destinations to those of an attacker's choosing. In this paper, we measure the Internet's vulnerability to DNS record injection attacks-including a new attack we uncover. We find that record injection vulnerabilities are fairly common-even years after some of them were first uncovered.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
23
0

Year Published

2014
2014
2024
2024

Publication Types

Select...
4
2
2

Relationship

1
7

Authors

Journals

citations
Cited by 33 publications
(23 citation statements)
references
References 8 publications
0
23
0
Order By: Relevance
“…Open DNS resolvers are problematic for two reasons. First, open resolvers can be susceptible to cache poisoning attacks [31], [48]. These, in turn, leave the users of subverted resolvers vulnerable to being re-directed to malicious services.…”
Section: Dns and Ntpmentioning
confidence: 99%
“…Open DNS resolvers are problematic for two reasons. First, open resolvers can be susceptible to cache poisoning attacks [31], [48]. These, in turn, leave the users of subverted resolvers vulnerable to being re-directed to malicious services.…”
Section: Dns and Ntpmentioning
confidence: 99%
“…When S1i of one source is very large, the percentage of '0' bits of its virtual array is 0 in connectivity estimation model. Then S2i of this source is inf according to formula (6). If S1i is in the top 1% of all sources' accurate value, the error between S1i and S2i is approximately equal to 0.…”
Section: Error Analysis For Connectivity Estimationmentioning
confidence: 99%
“…(2) ADNS Listening: as RDNS only interacts with ADNS directly, any IP address that sends domain requests to ADNS can be identified as a RDNS. By deploying a ADNS in advance [1,5,6], D. Dagon et al collect the IP addresses that send domain requests with random hosts in the same secondary domain to the ADNS. Domain requests with random hosts in the same secondary domain are sent by PlantLab nodes [7].…”
Section: Identification Of Rdnsmentioning
confidence: 99%
“…These attacks might target the integrity of the stored records and/or the availability of the DNS server itself. The attacks include Cache poisoning [22], TCP SYN floods [23], DNS hijacking [24], Phantom Domain attack [25], etc. In the following section we describe our proposed system and we evaluate how it mitigates all the aforementioned attacks.…”
Section: ) Attacks and Adversary Modelmentioning
confidence: 99%