Measuring and Mitigating the Risk of IP Reuse on Public Clouds

Pauley, Eric; Sheatsley, Ryan; Hoak, Blaine; Burke, Quinn; Beugin, Yohan; McDaniel, Patrick

doi:10.1109/sp46214.2022.9833784

Cited by 3 publications

(1 citation statement)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Pauley et al [52] conducted a large-scale measurement of the IP reuse problem in public clouds, and they proposed the cloud squatting attack, which can exploit latent configurations of previous tenants to obtain sensitive information by applying for cloud servers. They tested 1.5 million unique IP addresses from the Amazon cloud service and received over 5 million cloud messages.…”

Section: Cloud Ip Reusementioning

confidence: 99%

BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet

Wang,

Kuranaga,

Wang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Email spoofing attacks pose a severe threat to email systems by forging the sender's address to deceive email recipients. Sender Policy Framework (SPF), an email authentication protocol that verifies senders by their IP addresses, is critical for preventing email spoofing attacks. However, attackers can bypass SPF validation and launch convincing spoofing attacks that evade email authentication. This paper proposes BreakSPF, a novel attack framework that bypasses SPF validation to enable email spoofing. Attackers can actively target domains with permissive SPF configurations by utilizing cloud services, proxies, and content delivery networks (CDNs) with shared IP pools. We leverage BreakSPF to conduct a large-scale experiment evaluating the security of SPF deployment across Tranco top 1 million domain names. We uncover that 23,916 domains are vulnerable to BreakSPF attacks, including 23 domains that rank within the top 1,000 most popular domains. The results underscore the widespread SPF configuration vulnerabilities and their potential to undermine the security of email systems. Our study provides valuable insights for detecting and mitigating SPF vulnerabilities and strengthening email system security overall.

show abstract

Section: Cloud Ip Reusementioning

confidence: 99%