2010 6th IEEE Workshop on Secure Network Protocols 2010
DOI: 10.1109/npsec.2010.5634454
|View full text |Cite
|
Sign up to set email alerts
|

Protecting against DNS cache poisoning attacks

Abstract: DNS is vulnerable to cache poisoning attacks, whereby an attacker sends a spoofed reply to its own query. Historically, an attacker only needed to guess a predictable, or more recently, a 16 bit pseudorandom ID in order to be successful. The Kaminsky attack [7] demonstrated successful poisoning attacks that required only 6 seconds on typical networks. Since then, source port randomization (spr) has been used for additional protection. Nevetheless, E. Polyakov demonstrated successful poisoning attacks against s… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
10
0
1

Year Published

2011
2011
2020
2020

Publication Types

Select...
3
2
2

Relationship

0
7

Authors

Journals

citations
Cited by 19 publications
(11 citation statements)
references
References 9 publications
0
10
0
1
Order By: Relevance
“…Application attacks mainly focus on the aggregation layer and the application layer, including attacks against the application server and malware intrusions. Attacks against the application server include DOS and DNS cache poisoning [185]. Deployment of a firewall and configuration of security policy can protect the application server from network attacks.…”
Section: Network Defensementioning
confidence: 99%
“…Application attacks mainly focus on the aggregation layer and the application layer, including attacks against the application server and malware intrusions. Attacks against the application server include DOS and DNS cache poisoning [185]. Deployment of a firewall and configuration of security policy can protect the application server from network attacks.…”
Section: Network Defensementioning
confidence: 99%
“…The success attack probability of the SRQ and the SLC in different threat level According to formula (1) and (2), both the SRQ and SLC mode will significantly reduce the success attack probability when the parameter R in (1) and L in (2) increases, and under the SRQ mode the p succ even reduce faster because of the K in (1) is much greater than 36 in (2). As shown in Fig.5, the curve of SRQ descends faster than the SLC before the two curves intersect.…”
Section: ) Success Attack Probabilitymentioning
confidence: 99%
“…Assume that the attacker guesses N guess times before he find the right answer, as we computed in (1) and (2), the expectation of the number N guess that the attacker needs to send the packets equals to the reciprocal of the success attack probability, which is 1/ p succ . So the total time expectation should be computed by the packet length, his bandwidth and the N guess , then:…”
Section: ) Total Attack Costmentioning
confidence: 99%
See 1 more Smart Citation
“…针对服务应用的攻击主要集中在汇聚层和应用层, 主要包含针对应用服务器的网络攻击和恶意 软件入侵. 针对应用服务器的攻击包括 DoS 攻击, 以及针对特定协议的攻击, 如 DNS 缓存投毒 [187] . 通过部署防火墙, 配置安全策略, 即可保护应用服务器抵御网络攻击.…”
unclassified