Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More)

Abstract: We analyze the prandom pseudo random number generator (PRNG) in use in the Linux kernel (which is the kernel of the Linux operating system, as well as of Android) and demonstrate that this PRNG is weak. The prandom PRNG is in use by many "consumers" in the Linux kernel. We focused on three consumers at the network level -the UDP source port generation algorithm, the IPv6 flow label generation algorithm and the IPv4 ID generation algorithm. The flawed prandom PRNG is shared by all these consumers, which enables… Show more

“…10 As a critical infrastructure, the DNS client security cannot be ignored. [11][12][13] However, a new DNS cache poisoning attack targeting it has occurred recently. 14 Unlike other threats, the attack targets DNS clients, which only need to cooperate with a nonprivileged malicious program.…”

“…As a critical infrastructure, the DNS client security cannot be ignored 11–13 . However, a new DNS cache poisoning attack targeting it has occurred recently 14 .…”

An intelligent proactive defense against the client‐side DNS cache poisoning attack via self‐checking deep reinforcement learning

“…10 As a critical infrastructure, the DNS client security cannot be ignored. [11][12][13] However, a new DNS cache poisoning attack targeting it has occurred recently. 14 Unlike other threats, the attack targets DNS clients, which only need to cooperate with a nonprivileged malicious program.…”

“…As a critical infrastructure, the DNS client security cannot be ignored 11–13 . However, a new DNS cache poisoning attack targeting it has occurred recently 14 .…”

An intelligent proactive defense against the client‐side DNS cache poisoning attack via self‐checking deep reinforcement learning

“…Various incidents based on this technique have been published [12,91,92]. The use of the Address Resolution Protocol [12] or Domain Name System [93] poisoning techniques enables the attacker to act as an intermediate. Particularly, the attacker changes the IP-MAC or the domain-IP associations correspondingly in order to redirect the traffic through him (acting as gateway) and gathers communication channel's data.…”

“…When (a) SIP Digest is employed, an attacker can act as an intermediate (MiM) between the P-CSCF and the UE, utilizing well-known attack techniques such as DNS [93,95] and ARP poisoning [12]. It is assumed that a legitimate UE has already established a multimedia conference room (i.e.…”

Enhancing security and privacy in VoIP/IMS environments

Performance of DNS Over HTTPS Implementation on Low-Power Devices